This is the mail archive of the
mailing list for the Cygwin project.
Re: No o+r permission for /usr/sbin/ssh-keysign.exe
- From: Andrey Repin <anrdaemon at yandex dot ru>
- To: Jan Bruun Andersen <jan_bruun_andersen at jabba dot dk>, cygwin at cygwin dot com
- Date: Mon, 7 Sep 2015 22:56:09 +0300
- Subject: Re: No o+r permission for /usr/sbin/ssh-keysign.exe
- Authentication-results: sourceware.org; auth=none
- References: <CAA3tTg-xO90s7MV=8fO-UOZLh=bL6f0mhjzyFttig34P83RF8A at mail dot gmail dot com>
- Reply-to: cygwin at cygwin dot com
Greetings, Jan Bruun Andersen!
> After an unfortunate mishap with an encryption key, I have started to
> rebuild my harddisk. And making sure I have a good backup :(
> I noticed a problem with the file permissions for /usr/sbin/ssh-keysign.exe:
> $ getfacl.exe /usr/sbin/ssh-keysign.exe
> # file: /usr/sbin/ssh-keysign.exe
> # owner: andersej
> # group: Domain Users
> For some reason, the Windows-based backup program (Seagate Manager)
> wants the Windows group "Everyone" to have read access.
The reason is that it is not a backup program, it is a file copying program.
Backup program must adjust its security token with SeBackupPrivilege.
> Otherwise it will report:
> ERROR >>> C:\cygwin64\usr\sbin\ssh-keysign.exe
> Access denied
> Is there some special reason for denying everyone read permission
> (o+r) to this file?
Yes. It is called "proper security".
> PS: I have the same problem with /etc/rebase.db.x86_64 which only have
> 660 permissions.
See above. Use real backup software, not dumb file copying software.
With best regards,
Monday, September 7, 2015 22:53:33
Sorry for my terrible english...
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple