This is the mail archive of the
mailing list for the Cygwin project.
Necessary To Query SACL Information?
- From: Bryan Berns <bryan dot berns at gmail dot com>
- To: cygwin at cygwin dot com
- Date: Sun, 12 Oct 2014 20:37:18 -0400
- Subject: Necessary To Query SACL Information?
- Authentication-results: sourceware.org; auth=none
I noticed when I launch an executable, Cygwin queries SACL information
on the executable (which I can see in Process Monitor as a
'QuerySecurityFile' operation). On some of my protected file servers,
this generates a failure audit. Looking at the source code, I'm going
to guess this might be from the NtQuerySecurityObject call in
security.cc which requests SACL information by asking for for
ALL_SECURITY_INFORMATION. Does Cygwin really need to query this
information? Aside from keeping my audit logs clean, it seems like it
might be an opportunity for optimizing the executable launch process
if Cygwin doesn't really need this (or some of the other information
that ALL_SECURITY_INFORMATION provides).
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple