| www.delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=mY/JTMCCLWPDxFdfMWdwBWhEZot6VJYK3rGU9rfb1gEFaUqU6DyIX | |
| 9hZqLXJsA6ewh3hKRX6fxzMZGPfxNqyDbqQU2aq1Dfa6Mf+ZkIsHdXrIWG4kCZVx | |
| fg6xPNvDDNoWsVLEvoB6oZAScNHELye4+uNdHfQkksk3eIP/afDOlY= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=JBKPPddjVYY2p3Y/M8UIF9IWaqU=; b=lrXuK9Yz2Wj8aV649VTpcuOXNwWf | |
| RCvKJg4v0eKD4sWEeDUqTm5ecyX1cpsmDuAb5gAcXgGQ3LHjljaibwq83HFs9XnW | |
| K1zb4gZ00yvVlmfgCj948voY42S8rLEE88Ii4gwxDCUZ3fCTdMQv3eCYQpCz38xs | |
| +lGWYLQbqFL3oC0= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-5.4 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Thu, 9 Apr 2015 09:43:28 +0200 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: setfacl can kill a drive |
| Message-ID: | <20150409074328.GO2819@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <CAAXzdLUZvdNw_UyOXMa5ozoGuG7zjPnz=rRLELFBoEF8+miZUA AT mail DOT gmail DOT com> <CAAXzdLUgnjfeA=LkrdUp68zHterj5hj5BtLqh0W=TCAn1zPrpQ AT mail DOT gmail DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <CAAXzdLUgnjfeA=LkrdUp68zHterj5hj5BtLqh0W=TCAn1zPrpQ@mail.gmail.com> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--P7Tqkd/m/Jnohiaz Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Apr 8 16:40, Steven Penny wrote: > On Wed, Apr 8, 2015 at 5:17 AM, Steven Penny wrote: > > I upgraded to the new Cygwin today, why is this command producing diffe= rent > > permissions? Moreover how do I get it to produce sane results? >=20 > I was able to use these command to produce sane results >=20 > $ cd /cygdrive/c >=20 > $ touch bad.txt >=20 > $ setfacl -k . >=20 > $ touch good.txt >=20 > $ ls -l *.txt > -rw-rwxr--+ 1 John None 0 Apr 8 02:16 bad.txt > -rw-r--r-- 1 John None 0 Apr 8 02:16 good.txt >=20 > I feel that the default permissions are wrong here. On linux when you > create a new file with touch, it does not have executable permissions, It's a result of ACL inheritance and before the changes to Cygwin's ACL handling, you wouldn't even have seen it. > for good reason. This would be a security issue. No, it's how ACL inheritence works on Windows, combined with the way the group permissions reflect the ACL mask value per POSIX 1003.1e draft 17. See, e.g, http://linux.die.net/man/5/acl, "Correspondence Between Acl Entries And File Permission Bits". Note that the group permission bits are reflecting all additional permissions added to the file by Windows ACL inheritance. So it's actually a great help identifying security issues. The real issue here is, of course, the fact that the mask value is not umask'ed at file creation time. This is WIP I'm actually working on right now. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --P7Tqkd/m/Jnohiaz Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJVJi2gAAoJEPU2Bp2uRE+g0L4P/i1/M8RFqqIqAaXYs+EL1QmX HqBNBGSHdRyWlcPzDybmQYIlCt0DeFEpal+0iQ11XE6Tv1Sb4eAUaNe0X69ELltD 0vkGadsQSVlgmLNUzzuDkX0Le5Z9YHAI3NobMKvp0dbk74o/wawqFwoQE82bKJ9O McCt3JGrAN44Lq76rQqV97eqUGs7xLsFTxvOm8O/mYLIH8ssbCam+LyGZfTl9Vfx Ai+WJU8WFq7iq7plvWfqcCaKbwgv8r//I+Tp4m5fOGWlgmpnrAuRzI/CRkUWqPNS 4NqIOq+avrZZGo96o/GLD8zdqlZoqj3ZqTSO+89si5CecaCOK0Qn8sDuZfRY1Hk7 yxt0n7JUZ6CbkRqbx7IfwVQOn1douMSzgAdFHTOdGjvMr9WWE5VAtHUDgjHB71oc 93ldr/XsKgJIUdX+lBaNazbnUYLUK4FD935zBDkM27KXKNp7pj62yUcgkczvC31r dV8SRinSIkNKtkgQUIXSr/keHFYnM614C7A76JlXZKiPcsdQfVMdyWMwZibCX7ME xhjR4HW6j7mEJ60PWP+CEVrw8HGd1NweTSQujU34TYRU4FtdM/h0NSMu8Jw+2V87 hNz7sGwC4MH3kDUz1BqMprisVeGI8OZSnT8BtGrR6r7juOpRV8FhCkIWI4rqsLDP wrLQYxDCxk26aql5dRh3 =dg3b -----END PGP SIGNATURE----- --P7Tqkd/m/Jnohiaz--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |