ACLs are not handled correctly

Dierk Schmedes dierk@newsguy.com
Fri Oct 31 10:39:00 GMT 2003


Hi,

first my config: MS Windows XP SP1, cygwin 1.5.5 (actual version - 2 days old)

Problem: nearly each tool that the create or modify a file/directory (e.g. cp,
touch, setfacl) ignore the ALCs of the current directory or add further 
users/groups to it.

Example
/home/dierk has the following ACLs (listed with xcalcs.exe from the MS
resource
kit; same with Explorer)

xcalcs F:/cygwin/home/dierk
f:\cygwin\home\dierk <domainname>\dierk:F
                     NT AUTHORITY\SYSTEM:(OI)(CI)(IO)R

Now I create a new file (e.g. touch /home/dierk/newfile). Everyone expect that
the file has the same rights as my home folder /home/dierk, BUT that isn't -
see
below:

xcacls F:/cygwin/home/dierk/newfile
f:\cygwin\home\dierk\newfile <domainname>\dierk:(special access:)
                                                     STANDARD_RIGHTS_ALL
                                                     DELETE
                                                     READ_CONTROL
                                                     WRITE_DAC
                                                     WRITE_OWNER
                                                     SYNCHRONIZE
                                                     STANDARD_RIGHTS_REQUIRED
                                                     FILE_GENERIC_READ
                                                     FILE_GENERIC_WRITE
                                                     FILE_READ_DATA
                                                     FILE_WRITE_DATA
                                                     FILE_APPEND_DATA
                                                     FILE_READ_EA
                                                     FILE_WRITE_EA
                                                     FILE_READ_ATTRIBUTES
                                                     FILE_WRITE_ATTRIBUTES

<domainname>\Domain Users:(special access:)                                   
READ_CONTROL
                                                     FILE_READ_EA
                                                     FILE_READ_ATTRIBUTES

                             Everyone:(special access:)
                                               READ_CONTROL
                                               FILE_READ_EA
                                               FILE_READ_ATTRIBUTES

 As you can see the ACLs are completly different to the one of my home folder.

Similar behaviour when I use setfacl, it adds automatically the last two (
<domainname>\Domain Users and Everyone) to the ACL even I don't want it.

This has strange impacts if "ntsec" is set for CYGWIN because you may have
than
no access to your own files.

 Dierk


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list