CRITICAL ls MEMORY LEAK

Brian Inglis Brian.Inglis@SystematicSw.ab.ca
Mon Feb 22 23:47:02 GMT 2021


On 2021-02-22 14:50, Hans-Bernhard Bröker wrote:
> Am 22.02.2021 um 21:30 schrieb Brian Inglis:
> 
>> I've often wondered if the heavy activity is due to Windows' defaults to 
>> writing files with F+RX perms which triggers executable virus scans?
> 
> That could only be the case if Windows actually had an 'x' permission bit.

Strictly speaking, I am not sure if *Unix* has an 'x' permission bit, but most 
filesystems do provide such a facility (V/FAT e.g. some /boot/ do not), as do 
POSIX/Solaris ACLs, and Windows NTFS, whose ACLs have execute permissions:

$ icacls /? | egrep exec\|X
                 RX - read and execute access
                 GE - generic execute
                 X - execute/traverse

GE grants FILE_EXECUTE and STANDARD_RIGHTS_EXECUTE access rights.

Access Mask Format:
|31|30|29|28|27|26|25|24|23|22|21|20|19|18|17|16|15|14|13|12|11|10|9|8|7|6|5|4|3|2|1|0|
|GR|GW|GE|GA|27|26|25|AS|23|22|21|20|19|18|17|16|15|14|13|12|11|10|9|8|7|6|5|4|3|2|1|0|
|..generic..|reserved|..|.......standard........|...........object.specific...........|

GR GENERIC_READ
GW GENERIC_WRITE
GE GENERIC_EXECUTE
GA GENERIC_ALL
AS ACCESS_SYSTEM_SECURITY access Security ACL in object security descriptor

Windows also supports ACLs on system objects, and there may be similar features 
on SELinux.

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]


More information about the Cygwin mailing list