This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Turning off execute permission


On Mar  7 08:36, Eric Blake wrote:
> According to Paul McFerrin on 3/7/2009 12:49 AM:
> > I've been reading:
> > http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-files
> > on the execute permissions.  Did I read that it was impossible to deny
> > execute permissions??  In my tests, the follow is always "true" if a
> > file has no execute permissions: (mode 666 or 000)
> >  [ -x apachectl ]
> >  test -x apachectl
> > for all of the shells
> 
> Are you operating as an administrator?  Just as in Linux, the superuser
> has the privilege of executing any file regardless of its permissions.
> test -x uses access() and not stat() to determine the answer of whether
> the file is executable for the currently logged on user, so this is
> accurately reporting what you are able to do with the file, regardless of
> what the permission bits are on the file.

That's not quite right.  The execute bit is not affected from being
an admin or not.  Here's an access check on Cygwin using one of my
test hacks.  Hein is just some user, corinna is an admin:

  $ ls -l 
  [~]$ ll x.*
  -rw------- 1 hein vinschen   360 Feb 13 15:24 x.c
  -rwx------ 1 hein vinschen 34352 Feb 13 18:40 x.exe
  $ tests/access x.c
  access (x.c, F_OK) = 0
  access (x.c, R_OK) = 0
  access (x.c, W_OK) = 0
  access (x.c, X_OK) = -1 <Permission denied>
  $ tests/access x.exe
  access (x.c, F_OK) = 0
  access (x.c, R_OK) = 0
  access (x.c, W_OK) = 0
  access (x.c, X_OK) = -1 <Permission denied>

That's different from Linux BTW, because the x.exe check would have
allowed root to execute x.exe.  Linux does so if any single execute
bit is set in the permission bits.  But that's not the case on
Windows and the above access result actually reflects the truth.

As for the -x apachectl check in Paul's case, it doesn't work that
way for me:

  $ test -x x.c && echo exe || echo no-exe
  no-exe

I'm wondering if the file apachectl has a somewhat more complicated ACL.
The ouptut of `cacls apachectl' might give a hint.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]