OK. Here is an example of the way permissions leak out to "Everyone". I
create a new file, with no permissions granted to "other". Cygwin shows this
to have worked OK. Yet in actual fact there is an ACL there giving Everyone
some access rights. I usually choose not to have "Everyone" authorised to do
anything on my Windows NT/2000 boxes, using Authorised Users instead. This
way, without a valid login, you cannot get any information, including
usernames and ACLs.
How can I stop cygwin setting these ACLs?
[628 chris-mob /]$ umask
0007
[629 chris-mob /]$ touch delme
[630 chris-mob /]$ ls -al delme
-rw-rw---- 1 Administ wheel 0 Sep 15 17:31 delme
[631 chris-mob /]$ getfacl delme
# file: delme
# owner: Administrator
# group: wheel
user::rw-
group::rw-
mask:rwx
other:---
[632 chris-mob /]$ cacls delme
C:\cygwin\delme CHRIS-MOB\Administrator:(special access:)
STANDARD_RIGHTS_ALL
DELETE
READ_CONTROL
WRITE_DAC
WRITE_OWNER
SYNCHRONIZE
STANDARD_RIGHTS_REQUIRED
FILE_GENERIC_READ
FILE_GENERIC_WRITE
FILE_READ_DATA
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_READ_EA
FILE_WRITE_EA
FILE_READ_ATTRIBUTES
FILE_WRITE_ATTRIBUTES
BUILTIN\Administrators:(special access:)
READ_CONTROL
SYNCHRONIZE
FILE_GENERIC_READ
FILE_GENERIC_WRITE
FILE_READ_DATA
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_READ_EA
FILE_WRITE_EA
FILE_READ_ATTRIBUTES
FILE_WRITE_ATTRIBUTES
Everyone:(special access:)
READ_CONTROL
FILE_READ_EA
FILE_READ_ATTRIBUTES
[633 chris-mob /]$
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
