From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mailout04.t-online.de (mailout04.t-online.de [194.25.134.18]) by sourceware.org (Postfix) with ESMTPS id C12B3385E017 for ; Wed, 6 Jul 2022 07:14:14 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C12B3385E017 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=t-online.de Authentication-Results: sourceware.org; spf=none smtp.mailfrom=t-online.de Received: from fwd79.dcpf.telekom.de (fwd79.aul.t-online.de [10.223.144.105]) by mailout04.t-online.de (Postfix) with SMTP id 9C9C94FF6 for ; Wed, 6 Jul 2022 09:14:12 +0200 (CEST) Received: from [192.168.2.102] ([87.187.34.65]) by fwd79.t-online.de with (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384 encrypted) esmtp id 1o8zEf-36h9sW0; Wed, 6 Jul 2022 09:14:09 +0200 From: Christian Franke Subject: [PATCH setup] Add new option --chown-admin To: cygwin-apps@cygwin.com Message-ID: <3096f251-d7ca-073b-d7d7-751b7fe3e8c1@t-online.de> Date: Wed, 6 Jul 2022 09:14:08 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 SeaMonkey/2.53.12 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------8E90E92C138F9BC4E628C500" X-TOI-EXPURGATEID: 150726::1657091649-014391E0-E7986FF2/0/0 CLEAN NORMAL X-TOI-MSGID: 03135eb0-1c44-4f21-9da4-bdc29f520463 X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00, FREEMAIL_FROM, GIT_PATCH_0, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: cygwin-apps@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Cygwin package maintainer discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2022 07:14:16 -0000 This is a multi-part message in MIME format. --------------8E90E92C138F9BC4E628C500 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit If an installer is run elevated, the installed files will be typically owned by the local administrator (or in some cases SYSTEM or TrustedInstaller) instead of the current user. This is not the case for a Cygwin "All Users" installation. The files are then not protected from accidental changes by this user. The attached patch adds an experimental --chown-admin option which allows (new) installations owned by local administrator user and group. A drawback is that files generated by postinstall scripts are still owned by current user + "None" group. It should be possible to fix this with some perpetual preremove+postinstall scripts. I also don't know whether this may break some postinstall scripts. BTW: 'nt_sec.setDefaultSecurity (isAdmin)' is never called with 'isAdmin==true' as 'root_scope' is always 0. -- Regards, Christian --------------8E90E92C138F9BC4E628C500 Content-Type: text/plain; charset=UTF-8; name="0001-Add-new-option-chown-admin.patch" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="0001-Add-new-option-chown-admin.patch" RnJvbSAxZGZjOGQ2M2E4NDM4ZTQyNTQ0YjA2Y2ZkZjIyNWYyMjIxMDdlZWQyIE1vbiBTZXAg MTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBDaHJpc3RpYW4gRnJhbmtlIDxjaHJpc3RpYW4uZnJh bmtlQHQtb25saW5lLmRlPgpEYXRlOiBXZWQsIDYgSnVsIDIwMjIgMDc6NDE6MTggKzAyMDAK U3ViamVjdDogW1BBVENIXSBBZGQgbmV3IG9wdGlvbiAtLWNob3duLWFkbWluCgpJZiBzcGVj aWZpZWQgYW5kIHRoZSBwcm9jZXNzIHRva2VuIG93bmVyIGlzIHRoZSBsb2NhbCBhZG1pbmlz dHJhdG9yLAp0aGUgb3duZXIgaXMgcHJlc2VydmVkIGFuZCB0aGUgcHJpbWFyeSBncm91cCBp cyBzZXQgdG8gdGhlIGxvY2FsCmFkbWluaXN0cmF0b3IgZ3JvdXAuCi0tLQogbWFpbi5jYyAg fCAgMyArKy0KIHdpbjMyLmNjIHwgNDEgKysrKysrKysrKysrKysrKysrKysrKysrKysrKysr LS0tLS0tLS0tLS0KIHdpbjMyLmggIHwgIDIgKy0KIDMgZmlsZXMgY2hhbmdlZCwgMzMgaW5z ZXJ0aW9ucygrKSwgMTMgZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEvbWFpbi5jYyBiL21h aW4uY2MKaW5kZXggM2E4YzVlYS4uODFjNGE2NSAxMDA2NDQKLS0tIGEvbWFpbi5jYworKysg Yi9tYWluLmNjCkBAIC05OSw2ICs5OSw3IEBAIHN0YXRpYyBTdHJpbmdPcHRpb24gQXJjaCAo IiIsICdhJywgImFyY2giLCBJRFNfSEVMUFRFWFRfQVJDSCwgZmFsc2UpOwogc3RhdGljIEJv b2xPcHRpb24gVW5hdHRlbmRlZE9wdGlvbiAoZmFsc2UsICdxJywgInF1aWV0LW1vZGUiLCBJ RFNfSEVMUFRFWFRfUVVJRVRfTU9ERSk7CiBzdGF0aWMgQm9vbE9wdGlvbiBQYWNrYWdlTWFu YWdlck9wdGlvbiAoZmFsc2UsICdNJywgInBhY2thZ2UtbWFuYWdlciIsIElEU19IRUxQVEVY VF9QQUNLQUdFX01BTkFHRVIpOwogc3RhdGljIEJvb2xPcHRpb24gTm9BZG1pbk9wdGlvbiAo ZmFsc2UsICdCJywgIm5vLWFkbWluIiwgSURTX0hFTFBURVhUX05PX0FETUlOKTsKK3N0YXRp YyBCb29sT3B0aW9uIENob3duQWRtaW5PcHRpb24gKGZhbHNlLCAnXDAnLCAiY2hvd24tYWRt aW4iIC8qLCBUT0RPOiBJRFNfSEVMUFRFWFRfLi4uICovKTsKIHN0YXRpYyBCb29sT3B0aW9u IFdhaXRPcHRpb24gKGZhbHNlLCAnVycsICJ3YWl0IiwgSURTX0hFTFBURVhUX1dBSVQpOwog c3RhdGljIEJvb2xPcHRpb24gSGVscE9wdGlvbiAoZmFsc2UsICdoJywgImhlbHAiLCBJRFNf SEVMUFRFWFRfSEVMUCk7CiBzdGF0aWMgQm9vbE9wdGlvbiBWZXJzaW9uT3B0aW9uIChmYWxz ZSwgJ1YnLCAidmVyc2lvbiIsIElEU19IRUxQVEVYVF9WRVJTSU9OKTsKQEAgLTM1OSw3ICsz NjAsNyBAQCBXaW5NYWluIChISU5TVEFOQ0UgaCwKICAgICAgIH0KIAogICAgIC8qIFNldCBk ZWZhdWx0IERBQ0wgYW5kIEdyb3VwLiAqLwotICAgIG50X3NlYy5zZXREZWZhdWx0U2VjdXJp dHkgKChyb290X3Njb3BlID09IElEQ19ST09UX1NZU1RFTSkpOworICAgIG50X3NlYy5zZXRE ZWZhdWx0U2VjdXJpdHkgKChyb290X3Njb3BlID09IElEQ19ST09UX1NZU1RFTSksIENob3du QWRtaW5PcHRpb24pOwogCiAgICAgLyoKICAgICAgICBJZiAtLXN5bWxpbmstdHlwZSBvcHRp b24gaXNuJ3QgZ2l2ZW4sIGxvb2sgZm9yIHdpbnN5bWxpbmtzIGluIENZR1dJTgpkaWZmIC0t Z2l0IGEvd2luMzIuY2MgYi93aW4zMi5jYwppbmRleCA1NTA3MmE5Li41ZGM5NjE2IDEwMDY0 NAotLS0gYS93aW4zMi5jYworKysgYi93aW4zMi5jYwpAQCAtMzA4LDcgKzMwOCw3IEBAIE5U U2VjdXJpdHk6OnNldEFkbWluR3JvdXAgKCkKIH0KIAogdm9pZAotTlRTZWN1cml0eTo6c2V0 RGVmYXVsdFNlY3VyaXR5IChib29sIGlzQWRtaW4pCitOVFNlY3VyaXR5OjpzZXREZWZhdWx0 U2VjdXJpdHkgKGJvb2wgaXNBZG1pbiwgYm9vbCBrZWVwQWRtaW4pCiB7CiAgIC8qIEdldCB0 aGUgcHJvY2Vzc2VzIGFjY2VzcyB0b2tlbi4gKi8KICAgaWYgKCFPcGVuUHJvY2Vzc1Rva2Vu IChHZXRDdXJyZW50UHJvY2VzcyAoKSwKQEAgLTMzNSwyMSArMzM1LDQwIEBAIE5UU2VjdXJp dHk6OnNldERlZmF1bHRTZWN1cml0eSAoYm9vbCBpc0FkbWluKQogICAvKiBTZXQgdGhlIGRl ZmF1bHQgREFDTCB0byBhbGwgcGVybWlzc2lvbnMgZm9yIGV2ZXJ5b25lIGFzIGEgZmFsbGJh Y2suICovCiAgIHNldERlZmF1bHREQUNMICgpOwogCi0gIC8qIEdldCB0aGUgdXNlciAqLwot ICBpZiAoIUdldFRva2VuSW5mb3JtYXRpb24gKHRva2VuLnRoZUhBTkRMRSAoKSwgVG9rZW5V c2VyLCAmb3duZXJTSUQsCisgIC8qIEdldCB0aGUgb3duZXIgKi8KKyAgaWYgKCFHZXRUb2tl bkluZm9ybWF0aW9uICh0b2tlbi50aGVIQU5ETEUgKCksIFRva2VuT3duZXIsICZvd25lclNJ RCwKIAkJCSAgICBzaXplb2Ygb3duZXJTSUQsICZzaXplKSkKICAgICB7Ci0gICAgICBOb3Rl RmFpbGVkQVBJICgiR2V0VG9rZW5JbmZvcm1hdGlvbih1c2VyKSIpOworICAgICAgTm90ZUZh aWxlZEFQSSAoIkdldFRva2VuSW5mb3JtYXRpb24ob3duZXIpIik7CiAgICAgICByZXR1cm47 CiAgICAgfQotICAvKiBNYWtlIGl0IHRoZSBvd25lciAqLwotICBUT0tFTl9PV05FUiBvd25l ciA9IHsgb3duZXJTSUQudXNlci5Vc2VyLlNpZCB9OwotICBpZiAoIVNldFRva2VuSW5mb3Jt YXRpb24gKHRva2VuLnRoZUhBTkRMRSAoKSwgVG9rZW5Pd25lciwgJm93bmVyLAotCQkJICAg IHNpemVvZiBvd25lcikpCisKKyAgYm9vbCBvd25lcklzQWRtaW4gPSAhIUVxdWFsU2lkIChv d25lclNJRC51c2VyLlVzZXIuU2lkLCBhZG1pbmlzdHJhdG9yc1NJRC50aGVTSUQgKCkpOwor CisgIGlmIChrZWVwQWRtaW4gJiYgb3duZXJJc0FkbWluKQorICAgIExvZyAoTE9HX1RJTUVT VEFNUCkgPDwgIkRlZmF1bHQgb3duZXIgaXMgQWRtaW5pc3RyYXRvciIgPDwgZW5kTG9nOwor ICBlbHNlCiAgICAgewotICAgICAgTm90ZUZhaWxlZEFQSSAoIlNldFRva2VuSW5mb3JtYXRp b24ob3duZXIpIik7Ci0gICAgICByZXR1cm47CisgICAgICAvKiBHZXQgdGhlIHVzZXIgKi8K KyAgICAgIGlmICghR2V0VG9rZW5JbmZvcm1hdGlvbiAodG9rZW4udGhlSEFORExFICgpLCBU b2tlblVzZXIsICZvd25lclNJRCwKKwkJCQlzaXplb2Ygb3duZXJTSUQsICZzaXplKSkKKwl7 CisJICBOb3RlRmFpbGVkQVBJICgiR2V0VG9rZW5JbmZvcm1hdGlvbih1c2VyKSIpOworCSAg cmV0dXJuOworCX0KKyAgICAgIC8qIE1ha2UgaXQgdGhlIG93bmVyICovCisgICAgICBUT0tF Tl9PV05FUiBvd25lciA9IHsgb3duZXJTSUQudXNlci5Vc2VyLlNpZCB9OworICAgICAgaWYg KCFTZXRUb2tlbkluZm9ybWF0aW9uICh0b2tlbi50aGVIQU5ETEUgKCksIFRva2VuT3duZXIs ICZvd25lciwKKwkJCQlzaXplb2Ygb3duZXIpKQorCXsKKwkgIE5vdGVGYWlsZWRBUEkgKCJT ZXRUb2tlbkluZm9ybWF0aW9uKG93bmVyKSIpOworCSAgcmV0dXJuOworCX0KKyAgICAgIExv ZyAoTE9HX1RJTUVTVEFNUCkgPDwgIkRlZmF1bHQgb3duZXIgY2hhbmdlZCAiCisJCQkgIDw8 IChvd25lcklzQWRtaW4gPyAiZnJvbSBBZG1pbmlzdHJhdG9yICIgOiAiIikKKwkJCSAgPDwg InRvIGN1cnJlbnQgdXNlciIgPDwgZW5kTG9nOwogICAgIH0KKwogICAvKiBHZXQgb3JpZ2lu YWwgcHJpbWFyeSBncm91cC4gIFRoZSB0b2tlbidzIHByaW1hcnkgZ3JvdXAgd2lsbCBiZSBy ZXNldAogICAgICB0byB0aGUgb3JpZ2luYWwgZ3JvdXAgcmlnaHQgYmVmb3JlIHdlIGNhbGwg dGhlIHBvc3RpbnN0YWxsIHNjcmlwdHMuCiAgICAgIFRoaXMgaXMgbmVjZXNzYXJ5LCBvdGhl cndpc2UsIGlmIHRoZSBpbnN0YWxsaW5nIHVzZXIgaXMgYSBkb21haW4gdXNlciwKQEAgLTM2 NSw3ICszODQsNyBAQCBOVFNlY3VyaXR5OjpzZXREZWZhdWx0U2VjdXJpdHkgKGJvb2wgaXNB ZG1pbikKICAgLyogVHJ5IHRvIHNldCB0aGUgcHJpbWFyeSBncm91cCB0byB0aGUgQWRtaW5p c3RyYXRvcnMgZ3JvdXAsIGJ1dCBvbmx5IGlmCiAgICAgICJJbnN0YWxsIGZvciBhbGwgdXNl cnMiIGhhcyBiZWVuIGNob3Nlbi4gIElmIGl0IGRvZXNuJ3Qgd29yaywgd2UncmUKICAgICAg bm8gYWRtaW4gYW5kIHRoYXQncyBhbGwgdGhlcmUncyB0byBzYXkgYWJvdXQgaXQuICovCi0g IGlmIChpc0FkbWluKQorICBpZiAoaXNBZG1pbiB8fCAoa2VlcEFkbWluICYmIG93bmVySXNB ZG1pbikpCiAgICAgc2V0QWRtaW5Hcm91cCAoKTsKIH0KIApkaWZmIC0tZ2l0IGEvd2luMzIu aCBiL3dpbjMyLmgKaW5kZXggMDJjMWQwNi4uNTYwNTEyYiAxMDA2NDQKLS0tIGEvd2luMzIu aAorKysgYi93aW4zMi5oCkBAIC0xMzAsNyArMTMwLDcgQEAgcHVibGljOgogICB2b2lkIHJl c2V0UHJpbWFyeUdyb3VwKCk7CiAgIHZvaWQgc2V0QWRtaW5Hcm91cCAoKTsKICAgdm9pZCBp bml0aWFsaXNlV2VsbEtub3duU0lEcyAoKTsKLSAgdm9pZCBzZXREZWZhdWx0U2VjdXJpdHko Ym9vbCBpc0FkbWluKTsKKyAgdm9pZCBzZXREZWZhdWx0U2VjdXJpdHkoYm9vbCBpc0FkbWlu LCBib29sIGtlZXBBZG1pbik7CiAgIGJvb2wgaXNSdW5Bc0FkbWluICgpOwogICBib29sIGhh c1N5bWxpbmtDcmVhdGlvblJpZ2h0cyAoKTsKIHByaXZhdGU6Ci0tIAoyLjM2LjEKCg== --------------8E90E92C138F9BC4E628C500--