This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: Hello and cygwin quesiton
- From: Igor Pechtchanski <pechtcha at cs dot nyu dot edu>
- To: Yap on ExactGeom <yap at cs dot nyu dot edu>
- Cc: cygwin at cygwin dot com
- Date: Thu, 4 Dec 2003 23:28:33 -0500 (EST)
- Subject: Re: Hello and cygwin quesiton
- References: <3F7A1AC0.3050503@cs.nyu.edu> <Pine.GSO.4.56.0309301000130.3193@slinky.cs.nyu.edu><3F7B0C4E.4090000@cs.nyu.edu> <Pine.GSO.4.56.0309302349060.26607@slinky.cs.nyu.edu><3FCFEB95.2030100@cs.nyu.edu>
- Reply-to: cygwin at cygwin dot com
Chee,
'/bin/vi' is a Cygwin program, and uses Cygwin system calls to create and
write files. Thus, the permissions it gives to newly-created files are
consistent with the other Cygwin apps. 'gvim' is probably a pure Windows
program, which uses the Windows API calls directly, so it gives new files
the same Windows permissions as, say, notepad does. As I mentioned
before, this is the way Windows behaves by default: the files inherit the
ACLs of the parent directory. Cygwin actually fixes up the ACLs later to
make them more reasonable.
For example (feel free to skip the following unless you want details):
<TECHNICAL STUFF>
======================== begin listing ========================
$ cmd /c 'type nul > a.txt'
$ cacls a.txt
C:\cygwin\tmp\acltest\a.txt BUILTIN\Administrators:(special access:)
READ_CONTROL
SYNCHRONIZE
FILE_GENERIC_EXECUTE
FILE_READ_EA
FILE_EXECUTE
FILE_READ_ATTRIBUTES
PECHTCHA\igor:F
Everyone:(special access:)
READ_CONTROL
SYNCHRONIZE
FILE_GENERIC_EXECUTE
FILE_READ_EA
FILE_EXECUTE
FILE_READ_ATTRIBUTES
$ touch b.txt
$ cacls b.txt
C:\cygwin\tmp\acltest\b.txt PECHTCHA\igor:(special access:)
STANDARD_RIGHTS_ALL
DELETE
READ_CONTROL
WRITE_DAC
WRITE_OWNER
SYNCHRONIZE
STANDARD_RIGHTS_REQUIRED
FILE_GENERIC_READ
FILE_GENERIC_WRITE
FILE_READ_DATA
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_READ_EA
FILE_WRITE_EA
FILE_READ_ATTRIBUTES
FILE_WRITE_ATTRIBUTES
BUILTIN\Administrators:(special access:)
READ_CONTROL
FILE_READ_EA
FILE_READ_ATTRIBUTES
Everyone:(special access:)
READ_CONTROL
FILE_READ_EA
FILE_READ_ATTRIBUTES
$
========================= end listing =========================
Note that the :F (full access) contains the following permissions:
STANDARD_RIGHTS_ALL
DELETE
READ_CONTROL
WRITE_DAC
WRITE_OWNER
SYNCHRONIZE
STANDARD_RIGHTS_REQUIRED
FILE_GENERIC_READ
FILE_GENERIC_WRITE
FILE_GENERIC_EXECUTE
FILE_READ_DATA
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_READ_EA
FILE_WRITE_EA
FILE_EXECUTE
FILE_DELETE_CHILD
FILE_READ_ATTRIBUTES
FILE_WRITE_ATTRIBUTES
For people on this list who are interested, the relevant ACL allocation
code is in the alloc_sd() function in winsup/cygwin/security.cc.
</TECHNICAL STUFF>
In short, there's really not much you can do, other than, perhaps, turn
off "ntsec" (by adding "nontsec" to your CYGWIN environment variable, see
<http://cygwin.com/cygwin-ug-net/using-cygwinenv.html> and
<http://cygwin.com/cygwin-ug-net/ntsec.html>) at the risk of some services
not working, e.g., cron, sshd, etc. Or you could change the permissions
by hand every time. Or, if all you care about is how the files are
displayed, use the dircolors command ("man dircolors" for details).
Igor
On Fri, 5 Dec 2003, Yap on ExactGeom wrote:
> Dear Igor,
> I guest there were no improvements on the execute permission problem.
>
> But I just realized that "vi" under cygwin is smart enough
> not to give execute permissions to the files it writes
> out. It simply keep the original permissions. Why can't gvim
> do the same?
>
> Best,
> --Chee
>
> Igor Pechtchanski wrote:
>
> >Chee,
> >
> >Well, there are people on this list who are more versed in Windows
> >permissions issues than I, and hopefully they'll intervene and either
> >confirm or refute my answer. If I had to guess, I'd say this has to do
> >with inheritable permissions -- if a directory has an execute permission
> >and the flag is set that makes all files and subdirectories inherit that
> >permission, all your files will be marked executable. You can try to use
> >the Windows permissions dialog to uncheck the "allow objects to inherit
> >permissions" box, and this might solve the problem. I'm not sure why you
> >didn't have this problem on Win2k (I do), but it could be because of some
> >unique permissions setup.
> >
> >Hope this helps,
> > Igor
> >
> >On Wed, 1 Oct 2003, Yap on ExactGeom wrote:
> >
> >
> >
> >>Dear Igor,
> >>Nice to hear from you, and thanks for the clarification!
> >>
> >>I understand your explanation of the difference between
> >>gvim and vim. But there is still a mystery.
> >>
> >>In my previous installation of cygwin, no such problems
> >>arise. The difference is that my previous system was Windows 2000
> >>and my current one is Windows XP. Can you explain this?
> >>
> >>Thanks,
> >>--Chee
> >>
> >>Igor Pechtchanski wrote:
> >>
> >>
> >>
> >>>On Tue, 30 Sep 2003, Yap on ExactGeom wrote:
> >>>
> >>>
> >>>
> >>>>Dear Igor,
> >>>>
> >>>>How are you? I noticed that you are an active developer of cygwin.
> >>>>I really liked this platform and our Core Library is developed
> >>>>on this mainly. I have a question:
> >>>>
> >>>>In my recent (June) installation of cygwin, there was an annoying
> >>>>bug -- many of the files that I create are automatically given
> >>>>the execute permission. [Since my "ls" will automatically show
> >>>>me which files are executable, this is VERY annoying.]
> >>>>But this behavior is not universal. If I have a non-executable
> >>>>file, and I exit it using gvim, the file will become executable.
> >>>>But using vim, it remains non-executable. But I don't think
> >>>>the program is with a bad installation of gvim, because this
> >>>>phenomenon shows up in other places.
> >>>>
> >>>>Heard of this bug before?
> >>>>Thanks, Chee
> >>>>
> >>>>
> >>>Hi, Chee,
> >>>
> >>>Great to hear from you.
> >>>
> >>>I'm redirecting this reply to the general Cygwin list, mostly to get this
> >>>into the archives (because I know others are having this same problem).
> >>>Also, this brings your question up before a large body of expertise --
> >>>perhaps someone else will find something I've missed.
> >>>
> >>>This is not a bug, but rather an artifact of the default permissions files
> >>>get when written by Windows programs. Gvim is a pure Windows program, in
> >>>contrast with vim, which is a Cygwin one. Also, vim writes files
> >>>in-place, whereas gvim creates a new copy -- hence the change in
> >>>permissions. Unfortunately, there isn't anything you can easily do to fix
> >>>this. I have a script (attached) that I run periodically on my system to
> >>>fix the executable permissions. It's not foolproof, but it's better than
> >>>nothing (and it should err on the conservative side).
> >>> Igor
> >>>[fixexec script snipped]
> >>>
> >>>
> >
> >
> >
>
>
> --
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> Problem reports: http://cygwin.com/problems.html
> Documentation: http://cygwin.com/docs.html
> FAQ: http://cygwin.com/faq/
>
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha@cs.nyu.edu
ZZZzz /,`.-'`' -. ;-;;,_ igor@watson.ibm.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster." -- Patrick Naughton
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/