This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: .rhosts on W2K w/o ntsec


> Also, the directories created by Cygwin with ntsec do have
> inheritance turned on. In fact that inheritance determines the
> ACL of files created by Cygwin when ntsec is off, and also the
> ACL created by most Windows applications. Incidentally you
> can display these "stupid permissions" with getfacl and change
> them with setfacl, so you could add Administrators if needed.

Hmmm.... it seems as if you mis-interpreted (is this a word?) my problem: The permissions set by Cygwin with "ntsec" are absolutely OK. I'm having problems with permissions set by *native* Windows programs when they create files in my Cygwin home directory....

I just did some tests with CYGWIN=ntsec and it seems as if it's better than it used to be a year ago or so. The only thing that doesn't work is typing something like "cmd /c xxx.doc" to start the according application automatically if the according file is not executable but I can write a little script that looks into /proc/registry and figures out how to open a file of a given type.

I'll give it a shot, convert all my files to NT security and see how it goes. Thanks again.

Cheers,
--Christian
OK -- I tried it, converted all my files to ntsec and played around with some programs. And, I'll go right back, remove all NT-level permissions and turn off ntsec.

Files saved by Windows applications such as JBuilder (actually Java but a Windows JRE) end up as follows:

-r-xr-xr-x 1 root none 59486 Nov 20 20:46 MainFrame.java*

Without ntsec, the file looks as it should:

-rw-r--r-- 1 chris users 59486 Nov 20 20:46 MainFrame.java

Furthermore, backing up the Cygwin directory to a CD with a general purpose CD writer program such as Nero doesn't work anymore because Nero can't read some of the files.

Windows is not Unix and Windows programs typically don't care about file permissions (especially things like "should a file be executable"), thus files created by Windows programs will always end up with incorrect permissions in Cygwin with ntsec turned on.

Back to the original question: Would it be possible to either (optionally) turn off the owner check in ruserok() or to respect the UID/GID values in the extended attributes if "CYGWIN=ntea nontsec" plus something like "ntea_uid"?

Cheers,
--Christian


--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]