This is the mail archive of the cygwin@sourceware.cygnus.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: not updating unwritable cache ../config.cache


On 6 Oct 99, at 11:51, Charles S. Wilson wrote:

> #513 is "None" in english.) I believe you have discovered a *different*
> problem, which is a bug. Echo doesn't seem to check permissions. If you
> do a

Huh?! Echo (rather, bash) _should not_ check permissions. It
should just try to do what it's told to do.

> if [ -w test ]; then echo writable; else echo non-writable; fi
>
> you should see the results I described.

Well yes, and _that_ is the bug.

Under Unix, this is typically done with supplementary groups (from our server:
$ id
uid=1000(kai) gid=1000(kai) groups=1000(kai),20(dialout),33(www-data),50(staff),102(entwicklung),104(everyone)
$
), but of course that isn't _exactly_ what NT does.

The usual solution (even under Unix) is that most accesses just try
and see if the kernel lets them through, and stuff like test uses
access() which maps, again, to a system call so the kernel
determines if the access in question is possible. The stat() results
should only ever be used for security outside the kernel in
extraordinary circumstances.

Of course, cygwin _could_ define parts of newlib as kernel, but in
this particular case, that seems pointless. Security that only works
for programs compiled with cygwin seems futile.

On the other hand, I don't know what the Win32 analog to access()
would be. Maybe the only choice is to actually try to open the file
(except for the existence test, of course).

> > > 2) Don't do things as a member of the Administrators group member. Use a
> > > normal user account.
> >
> > It's the only one I have.
>
> However, if you have administrator priveleges, then you can certainly
> create a normal user account. If you *choose* not to do this, that is
> your right and your decision.

If I create a different account, then NT will keep me from important
applications, I'll have trouble getting at my mail, I'll have trouble
mapping network drives, ...

Not really unsolvable, but a _huge_ amount of work.


Regards - Kai Henningsen

--
http://www.cats.ms
Spuentrup CTI       Fon: +49 251 322311 0
Windbreede 12       Fax: +49 251 322311 99
D-48157 Münster     Mob: +49 161 3223111
Germany             GSM: +49 171 7755060

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]