X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-1.7 required=5.0 	tests=AWL,BAYES_00
X-Spam-Check-By: sourceware.org
Message-ID: <4A9828E8.40805@t-online.de>
Date: Fri, 28 Aug 2009 20:58:48 +0200
From: Christian Franke <Christian DOT Franke AT t-online DOT de>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.21) Gecko/20090403 SeaMonkey/1.1.16
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: [1.7] Admins can write to readonly files
References: <1MgyLg-0CvIW00 AT fwd04 DOT aul DOT t-online DOT de> <4A97B5DB DOT 6010008 AT gmail DOT com> <4A981A80 DOT 2080006 AT t-online DOT de> <20090828183754 DOT GB27217 AT calimero DOT vinschen DOT de>
In-Reply-To: <20090828183754.GB27217@calimero.vinschen.de>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Corinna Vinschen wrote:
> On Aug 28 19:57, Christian Franke wrote:
>   
>> This is not true when 'chmod -w ...' was done before the upgrade to 1.7.
>> Cygwin 1.5 sets R/O attribute, then open for write fails with permission  
>> denied also on 1.7.
>>     
>
> That's why 1.7 tries not to set the R/O DOS attribute anymore.  But yes,
> that's not quite consistent.  open(2) should open these files for writing
> as well.  Unfortunately this requires to remove the R/O attribute before
> trying to open the file for writing.  There's no atomic way to accomplish
> this.
>
>   

Looks like a incomplete implementation of the restore privilege in 
Windows itself: If the restore privilege overrides a missing write 
permission in ACL, it should IMO also override the R/O attribute.

I would suggest to add a warning note to the manual that Cygwin 1.7 has 
root behavior (with backup/restore privileges set) for all users in 
admin group. That differs probably from what a new user would expect. At 
least because bash does not start with a '#' prompt even if root is 
effective:-)

Christian


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple