Jon Turney wrote:
On 02/09/2022 16:17, Christian Franke wrote:
Jon Turney wrote:
On 28/08/2022 18:33, Christian Franke wrote:
As the 'root_scope' issues are now fixed, here a reworked and
enhanced (checkbox, setup.rc entry) version of the original patch
from this thread.
With the new setting enabled, setup behaves like other install
tools when run elevated: The installation is then also protected
against accidental modifications by the current user.
owner:group assignments of newly installed dirs/files:
adm:adm -- "All Users", "[X] Change owner of newly installed files
to local Administrator"
usr:adm -- "All Users"
usr:def -- "Just Me"
(usr = user running setup, adm = S-1-5-32-544, def = S-1-5-21-*-513)
Thanks. When writing the change summary for the last RC, I wondered
what the file owner should be.
I guess my question is, if adm:adm ownership is correct, and
expected for consistency with other Windows installers, why not make
that the default? and then do we really need to provide the current
behaviour as an option, if it's "wrong".
Two good questions. I'm not sure.
Well, perhaps we can explore that by asking what is the motivation for
this change? Does the current situation cause you a problem? Is is it
just motivated by the concern that the user running setup could
accidentally modify the installation, or something else?
If "All Users" is selected, the installation should IMO be protected
against the same user if not elevated. This is automatically the case
for other installers because Windows sets TokenOwner=Administrator if
elevated.
Corinna had some concerns about making the owner a group, rather than
a user, which I believe historically caused some difficulties in
Cygwin, so I think I'll need to understand that better before making a
decision about this change.
I see. Do you have any info about these difficulties?
Are these still relevant? If yes, let's forget this patch.
