Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
Sender: cygwin-developers-owner AT sourceware DOT cygnus DOT com
Delivered-To: mailing list cygwin-developers AT sourceware DOT cygnus DOT com
Message-ID: <36DE93A5.7BDF02CC@cityweb.de>
Date: Thu, 04 Mar 1999 15:07:33 +0100
From: Corinna Vinschen <corinna DOT vinschen AT cityweb DOT de>
X-Mailer: Mozilla 4.04 [en] (WinNT; I)
MIME-Version: 1.0
To: Geoffrey Noer <noer AT cygnus DOT com>, cygwin-developers AT sourceware DOT cygnus DOT com,
        DJ Delorie <dj AT delorie DOT com>, Christopher Faylor <cgf AT cygnus DOT com>,
        Sergey Okhapkin <sos AT prospect DOT com DOT ru>
Subject: Re: Repost: Patch, Version 2: UNIX-like permissions on objects
References: <01BE46C2 DOT 29B35190 AT sos> <36D8F66F DOT CB411F58 AT cityweb DOT de> <19990228222910 DOT A14921 AT cygnus DOT com> <36DDBD54 DOT 3B6417E8 AT cityweb DOT de>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Corinna Vinschen wrote:
> 
> Ok, I have updated from SP3 to SP4 yesterday and now, my `ntsec'-patch
> doesn't work anymore :(. More problems then ever! One core dump after
> the other. I hadn't the time, to check this out, possibly tomorrow, but
> I would already mention the problem. If anyone, who has tried my patch,
> can give me any hint or help:
> 
> HEEEEELP!

Hi!

I found the problem, it's really mysterious! Under strange circumstances,
the WinNT function `EqualSid()' smashes, if it has to compare with the
world sid (UID 0 `Everyone'). I have solved this by patching my code to the
following behaviour:

      Extract the UID from every SID and compare the resulting int's.

This works on my stand alone workstation, but I need feedback:

      Is this an adequate proceeding in NT domains?

I don't want to publish the patched code, 'til I get an informative answer to
this question.

I have solved a second problem. As description, I repost a part of my original mail:

---- repost ----
Remaining problem: NT directories have not only own permissions, but default permissions
for their files, too. The attached patch is not able, to set this rights. If somebody knows
a solution, I would be glad, to hear from you!
---- repost ----

The solution is, to set special flags in the ACE_HEADER struct:

	ace->Header.AceFlags |= OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE;

This results in the same file permissions as the directory permissions itself.
This is the expected behaviour, IMHO.

Regards,
Corinna