From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 31914 invoked by alias); 18 Oct 2014 15:05:17 -0000 Mailing-List: contact cygwin-developers-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-developers-owner@cygwin.com Mail-Followup-To: cygwin-developers@cygwin.com Received: (qmail 31893 invoked by uid 89); 18 Oct 2014 15:05:16 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: mailout11.t-online.de Received: from mailout11.t-online.de (HELO mailout11.t-online.de) (194.25.134.85) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Sat, 18 Oct 2014 15:05:15 +0000 Received: from fwd14.aul.t-online.de (fwd14.aul.t-online.de [172.20.26.242]) by mailout11.t-online.de (Postfix) with SMTP id EC2595DBA4F for ; Sat, 18 Oct 2014 17:05:11 +0200 (CEST) Received: from [192.168.2.108] (S95a90Zbrhsx5ei7UhR54MK3ih6XZFkN5PC2ZaA2tLNyxwK6IVM7ofmPYHyuiOCwHO@[79.224.114.102]) by fwd14.t-online.de with (TLSv1.2:ECDHE-RSA-AES256-SHA encrypted) esmtp id 1XfVZ4-0hK1j60; Sat, 18 Oct 2014 17:05:06 +0200 Message-ID: <544281A1.1050203@t-online.de> Date: Sat, 18 Oct 2014 15:05:00 -0000 From: Christian Franke User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26.1 MIME-Version: 1.0 To: cygwin-developers@cygwin.com Subject: Re: Cygwin AF_UNIX emulation References: <544039E2.2040908@t-online.de> <20141017114911.GA27069@calimero.vinschen.de> <54416E01.70309@t-online.de> <20141018103553.GW2681@calimero.vinschen.de> In-Reply-To: <20141018103553.GW2681@calimero.vinschen.de> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2014-10/txt/msg00010.txt.bz2 Corinna Vinschen wrote: > On Oct 17 21:29, Christian Franke wrote: >> Corinna Vinschen wrote: >>> On Oct 16 23:34, Christian Franke wrote: >>>> Nasty detail: At least postfix sets the all AF_UNIX sockets to rw-rw-rw- and >>>> relies only on directory permissions (private: rwx------, public: rwx--x---) >>>> for access control. This is not effective on Cygwin. Due to the rw-rw-rw-, >>>> the 'secret' is world readable on Cygwin and another Cygwin specific patch >>>> is required :-) >>> Yeah, thanks to Windows which enables the "Bypass Traverse checking" >>> privilege for everyone :( At one point in 2005 I toyed with traverse >>> checking but eventually gave up in 2006 and reverted the stuff. >> This does not appear as an Se*Privilege in the token, correct? > It's in the token, and it's an ugly amalgamation of two unrelated > mechanisms(*): > > SE_CHANGE_NOTIFY_NAME > > Required to receive notifications of changes to files or > directories. This privilege also causes the system to skip all > traversal access checks. It is enabled by default for all users. > > User Right: Bypass traverse checking. An unexpected "feature", IMO. Hmm.... after removing this privilege, Cygwin returns garbage stat() info, for any path below the 'forbidden directory': $ uname -srvm CYGWIN_NT-6.1-WOW64 1.7.33s(0.278/5/3) 20141017 14:39:49 i686 $ cd /var/spool/postfix/ $ ls -ld private drwx------+ 1 postfix none 0 Oct 18 16:39 private $ ls -l private ls: cannot open directory private: Permission denied $ ls -l private/smtp srw-rw-rw- 1 postfix none 0 Oct 18 16:39 private/smtp $ cygdrop -p ChangeNotify ls -l private/smtp -rw-r----- 1 Unknown+User Unknown+Group 6991943424855812584 Jun 23 1909 private/smtp $ ls -l private/no/such/path ls: cannot access private/no/such/path: No such file or directory $ cygdrop -p ChangeNotify ls -l private/no/such/path -rw-r----- 1 Unknown+User Unknown+Group 6991943424855812584 Jun 23 1909 private/no/such/path $ cygdrop -p ChangeNotify ls -l /tmp/no/such/path ls: cannot access /tmp/no/such/path: No such file or directory >> BTW: I could ITP postfix in one week or so. It would rely on the SO_PEERCRED >> workaround for now. Any objections? > Uh, we're not having a Cygwin release it could work with for now. > It might be better to wait until then, if that's ok with you. Of course. My intention was to get the initial packing issues fixed early such that the actual upload could be done when a the first compatible Cygwin release is available. > I'm planning to release 1.7.33(**) in November at the latest. I'm > not going to stall this release until we have another solution for > the aforementioned problems, the SO_PEERCRED wourkaround should > suffice for now. OK. > (**) Or 1.9.0. I'm not sure yet if we should bump the DLL major > version due to the massive changes to user and group handling or not. During testing postfix with recent snapshots, I found nothing that needed to be changed in my existing installations which have complete /etc/passwd and group files. The only visible difference is that Cygwin now reports groups not seen before (like 4="INTERAKTIV"). So keeping 1.7.* might be OK. Christian