X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Message-ID: <48AE2E66.8060704@cwilson.fastmail.fm>
Date: Thu, 21 Aug 2008 23:11:34 -0400
From: Charles Wilson <cygwin AT cwilson DOT fastmail DOT fm>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.16) Gecko/20080708 Thunderbird/2.0.0.16 Mnenhy/0.7.5.666
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: [ANNOUNCEMENT] Updated: csih-0.1.7-1
References: <announce DOT 48A789B6 DOT 3010103 AT cwilson DOT fastmail DOT fm> <48A78C6F DOT 2050403 AT cwilson DOT fastmail DOT fm> <20080820134209 DOT GN29104 AT calimero DOT vinschen DOT de> <48ADA260 DOT 3020901 AT cwilson DOT fastmail DOT fm> <20080821173028 DOT GA24882 AT calimero DOT vinschen DOT de>
In-Reply-To: <20080821173028.GA24882@calimero.vinschen.de>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Corinna Vinschen wrote:

>> There are actually two questions: (a) should csih_check_access be
>> checking that the Administrators group has the desired access?, and (b)
>> are extended ACLs *actually* masked by the "other" bits?
> 
> a) Actually, since all file access is using backup privileges,
>    administrators typically have access anyway.  But we don't know if
>    admins on a given installation actually *have* backup privileges,
>    given that you can remove them from any account.

I'm not sure I follow. Are you talking about
  1) setup (current)
  2) setup-1.7
  3) cygwin-1.5
      a) when user is a member of the administrators group
      B) else?
  4) cygwin-1.7
      a) when user is a member of the administrators group
      b) else?
I mean, take case 3b or 4b: if a regular joe user does not HAVE backup
privilege, how can "all file access [be] using backup privileges" which
joe user doesn't have?

>  So, I think the test makes still sense, sort of. From a educational perspective at
>    least :)

OK.

> b) No.  ACCESS_ALLOW_ACEs permissions in the DACL are additive.

And that's what I was really looking for. So this test (and comments):

# the desired permissions. However, extended ACL entries are masked by
# the chmod bits for other, so we have to check that 'other' ALSO has at
# least the desired permissions. Otherwise, notify.
[ -z "$(echo "$ls_result" | sed -n /^......."$perm"/p)" ] && notify=1

can go away.

However, while fixing this, I found that many of the checks in
csih_check_access were not coded properly:

if [ shell_fun_call -a $var -eq "foo" ]

doesn't work.  It should be

if ( shell_fun_call && [ $var -eq "foo" ])

So, I fixed that, too -- although I dislike the extra subshells.

The new implementation is correct (I think), but it may mean that tests
that SHOULD have raised a warning flag earlier, but did not, may now do
so.  So, Corinna -- please grab the latest version from here:

http://cygwin.com/cgi-bin/cvsweb.cgi/~checkout~/csih/cygwin-service-installation-helper.sh?cvsroot=cygwin-apps

http://tinyurl.com/6regov

and try it out. I'm looking for false warning messages...

--
Chuck

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/