Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT cygwin DOT com>
List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-developers AT cygwin DOT com
Date: Thu, 27 Feb 2003 23:19:46 -0500
From: Christopher Faylor <cgf AT redhat DOT com>
To: cygwin-developers AT cygwin DOT com
Subject: Re: cygwin=ntsec:[no]strict
Message-ID: <20030228041946.GB23158@redhat.com>
Reply-To: cygwin-developers AT cygwin DOT com
Mail-Followup-To: cygwin-developers AT cygwin DOT com
References: <20030228032655 DOT GA22913 AT redhat DOT com> <3 DOT 0 DOT 5 DOT 32 DOT 20030227224844 DOT 0080be90 AT incoming DOT verizon DOT net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3.0.5.32.20030227224844.0080be90@incoming.verizon.net>
User-Agent: Mutt/1.5.1i

On Thu, Feb 27, 2003 at 10:48:44PM -0500, Pierre A. Humblet wrote:
>At 10:26 PM 2/27/2003 -0500, Christopher Faylor wrote:
>>I was wondering if it would make sense to have cygwin default to
>>a somewhat looser interpretation of POSIX correctness wrt protections.
>>I was considering that maybe a file with a .exe, .bat, .cmd extension
>>should always be considered executable regardless of protection.
>
>I would refrain from doing any such thing until both:
>- 1.3.21 is out. Unfortunately 1.3.20 has a bug that degrades the mapping
>  between acl and permissions, for files created by non-ntsec programs 
>  (such as setup). Also sh "test" (and soon bash and /bin/test (?)) will
>  reflect the *true* permissions in 1.3.21. 

I'll release a version of sh-utils shortly.

>- The new setup is out, with my ntsec patch. That will greatly alleviate
>  the problem you describe in the next paragraph.

I was getting the feeling that Robert thought there was no pressing
need for a new setup to be released.  It sounds like this is a pressing
need.

>>It seems like we are consistently confusing people who, after an
>>install, find that their programs are not considered to be executable by
>>cygwin.  I'm not sure why this is happening (does someone understand this?)
>
>Yes, but there are several cases. The main one is that on many systems
>the default ACL gives no permissions for Everyone, and in exchange the
>permissions are wide for Users. However that is not reflected in the
>permissions bits because the file group is None, and the ACL gives no access
>to None either.
>
>The stock answer should be to chmod +x the entire tree.

Yes but, the more important stock question is "Why doesn't this just
work?"  Any user would have the right to assume that after running setup
they'd have a usable system.  There are probably very many people out
there who just give up on cygwin because it doesn't work after first
installation.  The cygwin mailing list has got to be the tip of the
iceberg.  That's really doing them and us a disservice.

We have *got* to fix this problem.  I think it's giving cygwin a black
eye.

cgf