Pierre A. Humblet
Fri Apr 16 14:28:00 GMT 2004

Corinna Vinschen wrote:
> On Apr 15 12:58, Pierre A. Humblet wrote:
> > I tried this:
> >
> > /> touch aaa bbb
> > /> ls -l aaa bbb
> > -rw-r--r--    1 PHumblet Clearuse        0 Apr 15 12:34 aaa
> > -rw-r--r--    1 PHumblet Clearuse        0 Apr 15 12:34 bbb
> > /> chown testuser bbb
> > /> chown phumblet:544 aaa bbb
> > /> ls -l aaa bbb
> > -rw-r--r--    1 PHumblet Administ        0 Apr 15 12:34 aaa
> > -rw-r--r--    1 PHumblet Administ        0 Apr 15 12:34 bbb
> >
> > Note that I could chown bbb back to PHumblet because I became
> > privileged while changing the group of aaa.
> > The point is that the initial open of bbb worked.
> Sorry, but it's not clear to me how you come to this conclusion.
> chown(1) uses chown(2), not fchown(2).  So the files are always
> opened using the open_fs call in fhandler_disk_file::fchown.
> You could have called `chown phumblet bbb' and it would have
> worked as well.  Or do I miss something?  What did you change
> in the source code for that test?

I was running with the version that was only trying query_write_control.
The file was owned by testuser, so "chown phumblet bbb" failed (no 
RESTORE_NAME priv, see earlier e-mail) but "chown phumblet:544 aaa bbb"
worked (RESTORE_NAME priv obtained while working on aaa).
By getting RESTORE_NAME earlier we can avoid the fallback to 

> I still don't see why
> it should have an advantage to not set FILE_FLAG_BACKUP_SEMANTICS.

No advantage if you call CreateFile. But at that time I was still
pursuing the idea of DuplicateHandle and I was wondering if having
FILE_FLAG_BACKUP_SEMANTICS in the initial open was necessary. 
MS is not clear about which combinations work or don't work.

I have now removed the test (owner != cygheap->user.sid ()) in write_sd
and don't observe problems. NtSetSecurityObject appears to be atomic.

