On Oct 12 20:37, Bryan Berns wrote:
> I noticed when I launch an executable, Cygwin queries SACL information
> on the executable (which I can see in Process Monitor as a
> 'QuerySecurityFile' operation).  On some of my protected file servers,
> this generates a failure audit.  Looking at the source code, I'm going
> to guess this might be from the NtQuerySecurityObject call in
> security.cc which requests SACL information by asking for for
> ALL_SECURITY_INFORMATION.  Does Cygwin really need to query this
> information? Aside from keeping my audit logs clean, it seems like it
> might be an opportunity for optimizing the executable launch process
> if Cygwin doesn't really need this (or some of the other information
> that ALL_SECURITY_INFORMATION provides).

As you found out yourself, Cygwin only reads and writes the owner/group
information and the DACL.  Accessing this information is required for
POSIX permission handling, e.g. stat(2), chmod(2), chown(2), acl(2).
Also, creating a file with open(2) requires to write the DACL to create
valid POSIX permissions for a file.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat