From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 97781 invoked by alias); 27 Jun 2016 10:29:22 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 97764 invoked by uid 89); 27 Jun 2016 10:29:21 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-93.6 required=5.0 tests=AWL,BAYES_05,CYGWIN_OWNER_BODY,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RDNS_DYNAMIC autolearn=ham version=3.3.2 spammy=billzissnavimaticscom, D*navimatics.com, billziss@navimatics.com, 197121 X-HELO: calimero.vinschen.de Received: from ipbcc0227e.dynamic.kabel-deutschland.de (HELO calimero.vinschen.de) (188.192.34.126) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 27 Jun 2016 10:29:11 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id 03839A806D8; Mon, 27 Jun 2016 12:29:09 +0200 (CEST) Date: Mon, 27 Jun 2016 13:20:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: POSIX permission mapping and NULL SIDs Message-ID: <20160627102908.GB8258@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: <20160624195144.GB27089@calimero.vinschen.de> <20160624215948.GD27089@calimero.vinschen.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="CdrF4e02JqNVZeln" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.6.1 (2016-04-27) X-SW-Source: 2016-06/txt/msg00377.txt.bz2 --CdrF4e02JqNVZeln Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 1447 On Jun 24 23:03, Bill Zissimopoulos wrote: > On 6/24/16, 3:53 PM, "cygwin-owner@cygwin.com on behalf of Bill > Zissimopoulos" billziss@navimatics.com> wrote: >=20 >=20 > >One caveat is that Cygwin already maps S-1-5-7 to uid 7. So does that me= an > >that 7=3D=3Dnobody in Cygwin=E2=80=99s case? >=20 > Here is output from Cygwin/SSHFS after mapping =E2=80=9Cnobody/nogroup=E2= =80=9D to S-1-5-7: > << > billziss@windows:~$ cd /cygdrive/y > billziss@windows:/cygdrive/y$ ls -la > total 8 > drwxr-xr-x 1 billziss ANONYMOUS LOGON 0 Jun 23 23:57 . > dr-xr-xr-x 1 billziss None 0 Jun 24 15:56 .. > -rw-r--r-- 1 billziss ANONYMOUS LOGON 15 Jun 23 23:57 Foo.txt > billziss@windows:/cygdrive/y$ cacls Foo.txt /S > Y:\Foo.txt=20 > "D:P(A;;0x1f019f;;;S-1-5-21-383059176-2062642591-2866287538-1001)(A;;FR;;= ;A > N)(A;;FR;;;WD)" >=20 > billziss@windows:/cygdrive/y$ ls -lna > total 8 > drwxr-xr-x 1 197609 7 0 Jun 23 23:57 . > dr-xr-xr-x 1 197609 197121 0 Jun 24 15:58 .. > -rw-r--r-- 1 197609 7 15 Jun 23 23:57 Foo.txt > billziss@windows:/cygdrive/y$ >=20 > >> >=20 >=20 > Opinions? Let's better not use anonymous. It could be a security risk. It might not do harm, but it also might give unwanted access rights in some scenarios. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --CdrF4e02JqNVZeln Content-Type: application/pgp-signature; name="signature.asc" Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXcP/0AAoJEPU2Bp2uRE+gIZMP/i68Gzd0Ev7n/i3xxhvG/3+Z 19AVxbq4IzdK+AbsGO+Dcufc8zqpVIsn0Chico/BoVr4IuNDw8AF/2a82L5ARyIS rWtFgDrofxX4AtnMZtBLdVnPq9hsUoZuagveACyblwBe01nTdmVpCF990SX3hcBY ebCRcCt5z6dR19W5D57nKl2YaNH2vs+E5UY9gyBIHw/UNq9uFfLnJmR9//PKKaCo MYykTjCgIDvKn/phHbPLZYlqLmSrMNw0SkKsSAUW0zoJWJ3ecPOQhtm2H7kHqoRZ G4kHHYPaQzfLV1eHJpoZj1lNFG3IGHY13fmkGiapt/rJ010sAcR/N+CC5H6ikKiu vlC7HwAgJ0sG6U18BueoSKTNdfD5icI3J103IuC2SA2lybpMFnuDy4U7ZKiVhjz4 Jaq6SN3f8FGNj2WhFLkO+nmAZTY3qJGLpLVHcKGHd2XZWbVKUUcJQTcLNTQuMvFi ZDTMrAI4ci3Yom8LGwe84OdqzrlgB03thQrRrpqg9WcrnhNNcsuqTM5oT95y0ow7 Y0Aw+cNMGeYn/isDZC+39ncJ9+XDSBd2b8NQjpL2TGX3uZGtt1C758eWKlm+Qq4s DWor7PRYPv8QnLU+yI1uzpKUikUcO32xbjaHIrgDAwaPYyMTORRo1t8Utcx0nMCZ QaXK2K4z+5zGJdC+mESG =FHPy -----END PGP SIGNATURE----- --CdrF4e02JqNVZeln--