From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 106342 invoked by alias); 8 Feb 2016 18:20:00 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 106328 invoked by uid 89); 8 Feb 2016 18:20:00 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-96.6 required=5.0 tests=BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_PBL,RDNS_DYNAMIC,USER_IN_WHITELIST autolearn=no version=3.3.2 spammy=H*R:D*cygwin.com, H*R:U*cygwin, xnor, H*f:sk:ema890e X-HELO: calimero.vinschen.de Received: from ipbcc0d020.dynamic.kabel-deutschland.de (HELO calimero.vinschen.de) (188.192.208.32) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 08 Feb 2016 18:19:59 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id 0763EA804DF; Mon, 8 Feb 2016 19:19:57 +0100 (CET) Date: Mon, 08 Feb 2016 18:20:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: Issues with ACL settings after updating to the latest cygwin.dll Message-ID: <20160208181956.GI12975@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: <20160208141643.GE12975@calimero.vinschen.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="VkVuOCYP9O7H3CXI" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) X-SW-Source: 2016-02/txt/msg00086.txt.bz2 --VkVuOCYP9O7H3CXI Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 2591 On Feb 8 17:48, xnor wrote: >=20 > >I'm not quite sure what you observe there. The NULL SID ACE only > >contains extra information about some POSIX bits and the MASK value. > >It's existence and setting should not influence what you can do with the > >file. The permission bits are explicitely set elsewhere in the ACL. > > > >Can you reproduce the issue so that I can see what's going on? I need > >the icacls output for the file and its parent directory, as well as the > >output from getfacl for both. > I have the same problem with Transmission. >=20 > I noticed this first when I tried to execute an exe that was downloaded w= ith > Transmission compiled in cygwin. When trying to start the exe from Explor= er > an error dialog will appear: > "Windows cannot access the specified device, path, or file. You may not h= ave > the appropriate permissions to access the item." Not sure what Transmission is, but files downloaded with POSIX tools are usually not executable. For instance, download Cygwin's setup-x86.exe with wget. Then try to execute it. It won't since the permissions are set according to your umask and without execute permissions, e.g., 0644. This is normal. > When going to file properties - security I get an information dialog wind= ow: > "The permissions on are incorrectly ordered, which may cause so= me > entries to be ineffective." >=20 > Proper permissions (of parent folder) look like this: > Authenticated Users: modify > SYSTEM: Full control > Administrators: Full control > Users: Read & execute >=20 >=20 > The permissions of the cygwin/transmission created files are (manually > translated from German): > NULL SID: special > : special > Authenticated Users: Browse folder / Execute file > SYSTEM: Browse folder / Execute file > Administrators: Browse folder / Execute file > Users: Browse folder / Execute file > Nobody: Read > Authenticated Users: Read, write, execute > SYSTEM: Read, write, execute > Administrators: Read, write, execute > Users: Read, Execute > Everyone: Read >=20 >=20 > Also when going to advanced permissions it shows the same incorrectly > ordered warning and asks me to re-order permissions. The permissions must *not* be reordered. If Cygwin creates permissions incorrectly it's one thing, but the order to emulate POSIX permissions is non-canonical. Reordering them will break them. Please provide the exact output from icacls. Thanks, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --VkVuOCYP9O7H3CXI Content-Type: application/pgp-signature; name="signature.asc" Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWuNxMAAoJEPU2Bp2uRE+gxWYP/j7diD/hrJgFvaksOlM5lWKD JzOafXU9tlN6xy0jUB4zipW8MIoDB3cG0JM+abBdSEBEtSuGeeZsiylMp4/e0msA VL9+/y2NLY+vhNXmodNMB8vPJkumOrvewCfpvRyZGR8nrzS+BKPJktUxGimmtlMT irqkqtz4hQ6kR0ep7lHIXP9BsNy6UN4a1QS9a1IEyrkSfbSog92ldDG6oHG6UlQp 0DZNd9H3vmbkR3wF9ZCo3KH+KSBtCqaYAJOQvcyhMysFd3dpIhOr9mO6RsWU/XS5 qM/jf5JQh4J11BCRGkhhG8bwmx/PxoPqV5JaJs9eMoSg1ZVRHeZJ64w9aZdZOma5 JgEUjdMQ6H+uTahpfvDHWB+GzT7FxXAK8Psv08hJGR2FxYny5XcXKg+sgfzfdZzt 2mqiuVGgr7fj55VvCXzMy5gowyFsNkUZe1hZGtJviUWmV1SW5/Bty9PsFs5KLA9g X0E1Dis7lp18yyd2eIRRrjpsbPdTkvH/YC9bSLH22/+AfuodUe6SoSU31ed1wFoU Uv6Jn17yJ8GRJeujjDDkI4PK2QFaZJtZYgyCZwmVsn6hahJnzhpPa9+z+c2E2Vmd cmWTOLa6K3GsMnyTAnBD2OkAbeVBL5B0ki2QbaPhKgmwTLYi+xQ/DJSvtkVlDpHt qfqnas+9Q1EXVoMIzGx5 =d7Ir -----END PGP SIGNATURE----- --VkVuOCYP9O7H3CXI--