Incongruence between cygwin and samba ACL handling

Corinna Vinschen
Thu Aug 14 14:05:00 GMT 2008

On Aug 14 12:54, Abramo Bagnara wrote:
> Symptoms (qw is a file inside a samba share mounted with acl/smbntsec):
> $ chmod 600 qw
> $ stat qw
>   File: `qw'
>   Size: 225             Blocks: 1024       IO Block: 65536  regular file
> Device: 32e0244h/53346884d      Inode: 8800419127317  Links: 1
> Access: (0644/-rw-r--r--)  Uid: (12000/  abramo)   Gid: (12001/g_abramo)
> Access: 2008-08-13 23:02:47.000000000 +0200
> Modify: 2008-08-13 22:08:12.000000000 +0200
> Change: 2008-08-13 22:08:12.000000000 +0200
> As you see the permission given is 644 instead of 600.
> Verifying the sources of samba 3.0.28a and cygwin cvs, I've tracked down
> the problem to the following two incongruent behaviours:
> 1) cygwin adds unconditionally FILE_READ_ATTRIBUTES and FILE_READ_EA to
> each security descriptor (see alloc_sd in
> 2) samba maps the presence of any between FILE_READ_DATA, FILE_READ_EA,
> FILE_READ_ATTRIBUTES to Unix read permission (see map_nt_perms in
> posix_acls.c)
> I think that the bug is in cygwin as I'm unable to see the reason to add
> the right to read attributes when it's asked to deny read permission,
> but perhaps I'm missing something.
> As this situation leads to give unwanted permissions, I guess this
> should be considered a major bug in cygwin (or samba).
> I'm willing to produce a proper patch (or to submit a bug report to
> samba developers), once heard your opinions.

First of all, bug reports like this should go to the main cygwin mailing
list, not to the developer's list.

Second, this is long standing behaviour in Cygwin.  I'm surprised that
nobody has encountered this before.  I guess, since the default is
"nosmbntsec" in Cygwin 1.5, not many people are really using real
permissions on Samba.

I was inclined to say that this is neither a Cygwin, nor a Samba bug,
since Cygwin has good reasons to set the FILE_READ_ATTRIBUTES and
FILE_READ_EA flags (Everybody must be able to read this for POSIX
permission handling) as well as Samba has good reasons to set the read
permission bit if any one of these permission flags is set.

However, this is nothing we can't fix by a bit of special casing for
Samba, which we do in a couple of other places anyway.  Additionally,
there's no good reason anymore to set the FILE_WRITE_EA/FILE_READ_EA
flags unconditionally, since these flags were only necessary to
implement "CYGWIN=ntea", which isn't available anymore in 1.7.  So I
removed setting these flags entirely and cleaned the flag settings
generally.  I think now it should work fine for real NTFS as well as
for Samba.  Just one thing is not possible:  You can't remove owner
read permission from a file on Samba.  Looks like a Samba feature.

I applied a patch to CVS.  Please test the next snapshot, or the next
cygwin 1.7.0 version in the 1.7 release area.

Thanks for the report,

Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat
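
The interaction discussed in this thread, as an added example that is not part of the original messages and is neither Cygwin's nor Samba's code. It is a simplified model with one access mask per owner/group/other entry; the function names and the write/execute mappings are assumptions, and only the two read-bit rules come from the report.

```c
#include <stdio.h>

/* Windows file access-right bits (values from the Windows SDK). */
#define FILE_READ_DATA        0x0001u
#define FILE_WRITE_DATA       0x0002u
#define FILE_READ_EA          0x0008u
#define FILE_EXECUTE          0x0020u
#define FILE_READ_ATTRIBUTES  0x0080u

/* Bits the report says the client adds to every entry. */
#define ALWAYS_BITS (FILE_READ_ATTRIBUTES | FILE_READ_EA)

/* Client side (model): one rwx triplet -> NT access mask.
   The w and x mappings are assumptions made for this sketch. */
static unsigned rwx_to_nt(unsigned rwx, unsigned always)
{
    unsigned mask = always;
    if (rwx & 4) mask |= FILE_READ_DATA;
    if (rwx & 2) mask |= FILE_WRITE_DATA;
    if (rwx & 1) mask |= FILE_EXECUTE;
    return mask;
}

/* Server side (model): NT access mask -> rwx triplet. Any one of the
   three read-type bits yields Unix read, as the report describes. */
static unsigned nt_to_rwx(unsigned mask)
{
    unsigned rwx = 0;
    if (mask & (FILE_READ_DATA | FILE_READ_EA | FILE_READ_ATTRIBUTES)) rwx |= 4;
    if (mask & FILE_WRITE_DATA) rwx |= 2;
    if (mask & FILE_EXECUTE) rwx |= 1;
    return rwx;
}

/* Round-trip a full mode: what the client requests vs. what the server stores. */
unsigned roundtrip_mode(unsigned mode, unsigned always)
{
    unsigned out = 0;
    for (int shift = 6; shift >= 0; shift -= 3)
        out |= nt_to_rwx(rwx_to_nt((mode >> shift) & 7, always)) << shift;
    return out;
}

int main(void)
{
    printf("chmod 600, bits always added: %04o\n", roundtrip_mode(0600, ALWAYS_BITS));
    printf("chmod 600, bits not added:    %04o\n", roundtrip_mode(0600, 0));
    return 0;
}
```

With the bits always added, a requested 0600 comes back as 0644, matching the stat output in the report; a quick check after any change is to chmod a file on the share and compare the stat result against the requested mode.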
