From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 15633 invoked by alias); 11 Apr 2015 14:32:31 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 15622 invoked by uid 89); 11 Apr 2015 14:32:30 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.4 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2 X-HELO: calimero.vinschen.de Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 11 Apr 2015 14:32:30 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id 7A2B9A80A4C; Sat, 11 Apr 2015 16:32:25 +0200 (CEST) Date: Sat, 11 Apr 2015 14:32:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: [TESTERS needed] New POSIX permission handling Message-ID: <20150411143225.GJ7343@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: <20150410100703.GA4401@calimero.vinschen.de> <87lhhzcarc.fsf@Rainer.invalid> <20150411094414.GC19111@calimero.vinschen.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="NY6JkbSqL3W9mApi" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-SW-Source: 2015-04/txt/msg00209.txt.bz2 --NY6JkbSqL3W9mApi Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 1640 On Apr 11 07:11, Bryan Berns wrote: > >> > That means, even if SYSTEM or Administrators have full access to t= he > >> > file, the POSIX permssion bits will not reflect that fact. And wh= ile > >> > other users get access denied based on the mask value, SYSTEM and > >> > Administrators will never get access denied based on the mask. > >> > >> If you want to put this to better use in larger settings it would seem > >> preferrable if it was possible to define a list of users to treat this > >> way in fstab. > > > > Nope, sorry, no configuration for this. Either it's handled without > > any exception, or for SYSTEM only, or for SYSTEM+Admins. But either > > way, we're doing it the same way on every system. >=20 > Damn. I was about to reply with Achim's exact same thought --- like a > file in /etc with a list of SIDs. I can empathize with Corinna's veto > though -- having a hundred tweak-able settings in Cygwin is > unmaintainable for the general populous. I may apply a local patch to > extend this ability myself because Cygwin has become rather unusable > for users with home's on our network drives (given all the programs > that attempt to do sanity checks on group perms). I'd suggest to give the new ACL handling sa try first. It might not be as bad (anymore) as you think. > That said, I appreciate what has been integrated --- it will help in > several scenarios. I will test the release this weekend. Thanks for > all the hard work! Thank you, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --NY6JkbSqL3W9mApi Content-Type: application/pgp-signature Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJVKTB5AAoJEPU2Bp2uRE+grv0QAKINkOMiNgaiwq8Z0du+75iA QymJO9tdL53wOjLsvWp93X7m+khd0d9fMq1rThyHHqXREbAx0mot2LaR3W4h3m8W YWgizHDWkm0s7Jr++zRORbiHc2SC80jFvJEg4haWSqDFgN7QVOkjzVMULvPWGJy9 zrOJnj684geyUP9gUCssBbAFRNrlrQ3QA65qiPBPIVDh3dJPpaIlv9VRH06eyrmF gv6mp15hp4SO6JzbGPriBKgtsgzhaK7IscWvEgRKyTcOnWHK9ieGk47Eil18hc+k VD9nj/w/fN5rHMX+6nvaZj+YGzptFyVtE9Y6JgA/FbX5XlyTvhanlndTm4INWieC o/uUzcixvKu6MOP5XC3qgLCQpS8RRsJpwNnEP8ESNw/1U4TnEHZlwyppI4nUn3PM 8ehe9OHowfzTatvIe0VG+obw01trDYnOU/bT8TQvaW/nzs6n3ElvB8WIq9bukPXM LqXArde6ZWDMN08aQbTdSzcW0r1kPQj1+RhYMahDTAJyg11tWn+5ySy8Ob1FSnVp jvyV3o4LR7AcMnC3RnDP7gzx3pytNH6zGWzel1UvZD2O+pEVkq+azJ8DCh6gMZfT 67nExc3YnGC1LpQHuoxNegnlkoX+O/taTJ0eUzoyTcCfdEXJ//DiYmURYdKSMlzi 1sL4ezjoMBHeEffHJNXw =lOqk -----END PGP SIGNATURE----- --NY6JkbSqL3W9mApi--