This is the mail archive of the cygwin mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Greg Freemyer wrote:
On Thu, Sep 24, 2015 at 3:27 PM, Linda Walsh <cygwin@tlinx.org> wrote:Greg Freemyer wrote:Totally logical, but not accurate. )--- What does it say if you do an 'lsacl' on "." (the parent directory).$ ./lsacl.sh . [u::---,g::---,g:root:rwx,g:Authenticated Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:---/u::---,g::---,g:root:rwx,g:Authenticated Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:---] . But maybe this is interesting. I just created 2 folders in C:\ . I did it at the C:\ level because I can't imagine I ever modified the ACLs on C:\. Anyway, one directory was created via "mkdir" in cygwin. The other via the file explorer. Look at how different the ACLs are: $ mkdir /cygdrive/c/Test-dir-created-in-cygwin $ ./lsacl.sh /cygdrive/c/Test-dir-created-in-cygwin/ [u::rwx,g::r-x,g:root:rwx,g:Authenticated Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:r-x/u::rwx,g::r-x,g:root:rwx,g:Authenticated Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:r-x] /cygdrive/c/Test-dir-created-in-cygwin/ $ ./lsacl.sh /cygdrive/c/Test-dir-created-in-file-explorer/ [u::---,g::---,g:root:rwx,g:Authenticated Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:---/u::---,g::---,g:root:rwx,g:Authenticated Users:rwx,g:SYSTEM:rwx,g:Users:r-x,m:rwx,o:---] /cygdrive/c/Test-dir-created-in-file-explorer/ What's that about? Again I'm not expert at ACLs, but the ACLs on the directory created via File Explorer look really strange to me.
-----That looks like the 'Creator User & Creator Group Policies at work, which try to let you create a dir in root, but give limited access to
that dir -- but doesn't allow just any Creator to have full access...I think you are seeing a trickle down effect from the creator owner policy and the creator group policy banning full access -- because if you look
at the security tab in explorer I'll be those are pretty restricted...
This is a local file system? NTFS?Yes, C: drive. It's my local system drive on both computers and NTFS on both machines.Do you have process hacker? Maybe the writing process has a different integrity label or such.
---- Look at the acl in the Explorer 'security tab' You find some extra rules for 'creators' that are supposed to allow them to do things inside the dir but not to the dir or some such.
No, but let me know if you still want me to pursue that. For now I'm thinking the ACLs on folders created via File Explorer are somehow getting screwed up.
---- 'screwed-up' is relative -- i.e. in this case, likely what explorer is designed to do, (screw you), *str8-face*... In the home directory you want to deal with this in (I wouldn't suggest changing drives from root folder (I do such things and constantly end up with 'shot-in-foot' type problems that I get to have 'fun' fixing! ;->) But get rid of the creator rules so they won't propagate.... have to do it from windows those because those entities aren't posix. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |