Group Permissions on root folders problem (Windows 10 TP build 10061)
Corinna Vinschen
corinna-cygwin@cygwin.com
Thu Sep 10 17:29:00 GMT 2015
On Sep 10 12:07, Ken Brown wrote:
> On 9/10/2015 11:49 AM, David A Cobb wrote:
> >On a Windows-10 host: when I use Cygwin *chown***or *chmod *to make
> >permission changes, the next time I access the folder-tree from Windows
> >Explorer Security tab, it complains that the Access Control List is
> >incorrectly ordered and that will cause undesirable results; happy to
> >say, it gives me the chance to re-order the ACL. The usual undesirable
> >result is that an app can create a folder /New/ within /T/ but cannot
> >create anything within /T/////New/.
> >
> >Hypothesis: we are indirectly(?) modifying the ACL but are not observing
> >whatever Windows expects for ordering. I know that Windows enforces
> >"*deny*" rules before any "*allow*" rules; I do not know what other
Ken's right, the docs explain it basically.
Additionally it's important to stress the fact that Windows does not
actually enforce the so-called "canonical" order. It does so only in
some circumstances, as in the GUI. In fact it's only a "nice to have",
not an OS limitation. The evalation order of ACLs is the only
interesting factor and that works the same way, independently from the
ACL being canonical or not. Therefore the Cygwin-generated ACLs are not
necessarily canonical, but still valid.
Just *don't* reorder them in the GUI, unless you really know what you're
doing.
> >ordering it observes. I do know that Windows doesn't really consider
> >the "group" property the same way POSIX does, FWIW.
>
> This is explained in the Cygwin User's Guide:
>
> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-files
>
> Ken
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20150910/ba14dc29/attachment.sig>
More information about the Cygwin
mailing list