Solving ntsec problems?
Pierre A. Humblet
Pierre.Humblet@ieee.org
Sun Nov 3 20:36:00 GMT 2002
At 09:09 AM 11/4/2002 +1100, Robert Collins wrote:
>
>> OTOH, one thing that we could do is only turn on executable bits that
>> exist in the tar archives since those are still available.. We could
>> have something which does a fixup only on extracted files which are
>> supposed to be executable.
>
>I'd rather extract the ntsec unix->win32 acl logic to a static library
>that both cygwin1.dll and setup.exe can incorporate.
Isolating ntsec in a library is a big job, unnecessary.
Setup probably needs only a small part of ntsec. Copying some
functions from sec_acl.cc and security.cc should be enough.
It seems to me that the main thing we want setup to set is the acl
entry for the owner (which will Administrators if the user running
setup is privileged) and for Everyone (i.e. both group and other).
What else do you want to control?
That shouldn't even require reading the passwd file.
Pierre
More information about the Cygwin-developers
mailing list