This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: POSIX permission mapping and NULL SIDs
- From: Bill Zissimopoulos <billziss at navimatics dot com>
- To: "cygwin at cygwin dot com" <cygwin at cygwin dot com>
- Date: Fri, 24 Jun 2016 22:31:22 +0000
- Subject: Re: POSIX permission mapping and NULL SIDs
- Authentication-results: sourceware.org; auth=none
- Authentication-results: spf=none (sender IP is ) smtp dot mailfrom=billziss at navimatics dot com;
- References: <D392BA70 dot 95D4%billziss at navimatics dot com> <20160624195144 dot GB27089 at calimero dot vinschen dot de> <D392F074 dot 962E%billziss at navimatics dot com> <20160624215948 dot GD27089 at calimero dot vinschen dot de>
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
On 6/24/16, 2:59 PM, "Corinna Vinschen" <cygwin-owner@cygwin.com on behalf
of corinna-cygwin@cygwin.com> wrote:
>>>If you want some specific mapping we can arrange that, but it must not
>> >be the NULL SID. If you know you're communicating with a Cygwin
>>process,
>> >what about using an arbitrary, unused SID like S-1-0-42?
>>
>> I am inclined to try S-1-5-7 (Anonymous). But I do not know if that is a
>> bad choice for some reason or other.
>
>I thought about Anonymous myself when I wrote my reply to your OP. I
>refrained from mentioning it because it might have some unexpected side
>effect we're not aware about.
Let me try this with the Anonymous SID and see what happens. In the
meantime I am going to ping some contacts from my MS days to see if there
are indeed unintended consequences.
>Keep in mind that Interix only supported standard POSIX permission bits.
>Cygwin strives to support POSIX ACLs per POSIX 1003.1e draft 17. That's
>a bit more extensive.
Yes, that is beginning to dawn on me now that I have taken a better look
at sec_acl.cc.
Bill