Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-developers-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin-developers AT sources DOT redhat DOT com
Message-ID: <3B78491C.CA23FB2C@ece.gatech.edu>
Date: Mon, 13 Aug 2001 17:39:40 -0400
From: Charles Wilson <cwilson AT ece DOT gatech DOT edu>
X-Mailer: Mozilla 4.7 [en] (X11; I; SunOS 5.8 sun4u)
X-Accept-Language: en
MIME-Version: 1.0
To: cygwin-developers AT sources DOT redhat DOT com
Subject: Re: outstanding issues blocking new release?
References: <997736053 DOT 9407 DOT ezmlm AT sources DOT redhat DOT com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

[snip]
> > In each case, 'ls -ld' shows "drwxrwxrwx".  Newly created files
> > underneath these two directories have ACLs that are identical.
> 
> That's what I'd expected. setup.exe uses a very simple default DACL
> (just look into the short new function in main.cc - it's hopefully
> well commented) which only sets full control for everyone. mkdir
> OTOH uses the standard POSIX permissions which give permissions
> always to user, group and other. The differences are only that
> files created by setup are deletable by everyone while files
> created by mkdir are only deletable by users which have write and
> execute permissions on the parent directory. You can see the
> difference only by carefully examining the output in the W2K "advanced"
> security tab.

Okay...

> > It seems that setup.exe follows "behavior #2" in Corinna's description
> > (because setup.exe IS a native windows app, after all).
> >
> > Two related questions:
> > 1) is the difference in directory ACLs a problem?
> 
> No. Not if security is a non-issue. Otherwise both variants are
> too dangerous.

Currently, it is probably a non-issue.  Later, perhaps...Egor may
disagree.
 
> > 2) should setup.exe contain the same code that security.cc does, so that
> > setup-created dirs have the same ACL as mkdir-created ones? (E.g. with
> > regards to ACL's, should setup.exe behave as a cygwin app according to
> > "behavior #3" in Corinna's description above?)
> 
> I don't know what you mean by "behavior #n". 

You listed three "new behaviors" in the email in which you announced
your recent changes (although you didn't number them; they were 'bullet
points').

> Anyway, It might be
> an interesting feature for future versions of setup to create the
> permissions on NTFS filesystems according to the permissions in
> the tarballs. However, it's a lot of work to pull the security.cc
> stuff into setup. And it only applies to systems which have `ntsec'
> set but the question if `ntsec' shall be used isn't asked anywhere
> in the setup dialogs. It wouldn't make any sense at all to people
> who install for the first time. And note that neither /etc/passwd
> nor /etc/group exist when the tarballs are unpacked the first time.
> So which user and group membership makes sense at that point?

Oooh.  good point.

> > An unrelated question: should setup create /tmp with perms 1777 instead
> > of 0777, as it currently does?
> 
> That's impossible with the current simple way to set the permissions
> using the default DACL. That requires the above, including security.cc
> code into setup.

Urk.

Okay, consider my points answered, but let me confirm: you have made no
recent changes to setup.exe, right?  (IOW, the setup.exe currently on
the cygwin websight and a setup.exe built from CVS will both create dirs
with the same simple DACL).  If not, then perhaps a newish setup should
be released along with the new cygwin.

--Chuck