On Apr 8 16:40, Steven Penny wrote: > On Wed, Apr 8, 2015 at 5:17 AM, Steven Penny wrote: > > I upgraded to the new Cygwin today, why is this command producing different > > permissions? Moreover how do I get it to produce sane results? > > I was able to use these command to produce sane results > > $ cd /cygdrive/c > > $ touch bad.txt > > $ setfacl -k . > > $ touch good.txt > > $ ls -l *.txt > -rw-rwxr--+ 1 John None 0 Apr 8 02:16 bad.txt > -rw-r--r-- 1 John None 0 Apr 8 02:16 good.txt > > I feel that the default permissions are wrong here. On linux when you > create a new file with touch, it does not have executable permissions,
It's a result of ACL inheritance and before the changes to Cygwin's ACL handling, you wouldn't even have seen it. > for good reason. This would be a security issue. No, it's how ACL inheritence works on Windows, combined with the way the group permissions reflect the ACL mask value per POSIX 1003.1e draft 17. See, e.g, http://linux.die.net/man/5/acl, "Correspondence Between Acl Entries And File Permission Bits". Note that the group permission bits are reflecting all additional permissions added to the file by Windows ACL inheritance. So it's actually a great help identifying security issues. The real issue here is, of course, the fact that the mask value is not umask'ed at file creation time. This is WIP I'm actually working on right now. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgpGumasn9YpJ.pgp
Description: PGP signature
