This is the mail archive of the
cygwin-developers@cygwin.com
mailing list for the Cygwin project.
Re: ntsec change needed to read one of my partitions
On Tue, Nov 25, 2003 at 11:22:59AM +0100, Corinna Vinschen wrote:
>On Tue, Nov 25, 2003 at 12:23:23AM -0500, Pierre A. Humblet wrote:
>> At 11:28 PM 11/24/2003 -0500, Christopher Faylor wrote:
>> >On Mon, Nov 24, 2003 at 11:06:16PM -0500, Pierre A. Humblet wrote:
>> >>>FWIW, the size returned by read_sd was 4144 so bumping things up to
>> >>>8192 was probably overkill.
>> >>
>> >>4144 IS very strange, way high.
>
>I first observed weird sizes on NT4 already. See my comment at the
>beginning of get_nt_attribute(). The information in the SD didn't
>seem to reflect the number of ACEs in the DACL but...
>
>> >>What does cacls report?
>> >
>> > k:\ BUILTIN\Administrators:(OI)(CI)F
>> > NT AUTHORITY\SYSTEM:(OI)(CI)F
>> > CREATOR OWNER:(OI)(CI)(IO)F
>> > BUILTIN\Users:(OI)(CI)R
>> > BUILTIN\Users:(CI)(special access:)
>> > FILE_APPEND_DATA
>> >
>> > BUILTIN\Users:(CI)(IO)(special access:)
>> > FILE_WRITE_DATA
>> >
>> > Everyone:R
>>
>> That's 7 ACE's, each with a short SID. Ballpark size
>> should be < 200 bytes. Something weird is going on.
>
>...what about the SACL? I doubt that it's actually 4K, though.
>
>> Also CREATOR OWNER:(OI)(CI)(IO)F
>> doesn't match default:user::---
>> We may be forgetting flags such as GENERIC_XYZ
>
>Hmm, I'm having basically the same entries as above (plus some
>additional SYNCHRONIZE bits) and my creator_owner entry is identical:
>
> CREATOR OWNER:(OI)(CI)(IO)F
>
>But getfacl correctly prints
>
> default:user::rwx
>
>> It surely would be interesting to dump the sd_buf
>> from gdb. I don't doubt that Corinna would look forward
>> to decode all 4144 bytes.
>
>You're kidding. How should one know what the bytes after the regular
>length are? It would be interesting, though, to get the ace->Mask entry
>of the creator owner ACE.
>
>Chris, could you apply the below patch and send the created debug
>output to this list? For instance, the above creator owner entry looks
>like this on my system:
>
>24 12756 [main] getfacl 1884 cygpsid::debug_print: SID S-1-3-0
>20 12776 [main] getfacl 1884 getacl: Type: 0, Flags: B, Mask: 1F01FF
This is from an egrep 'cygpsid:|getacl:' ~/tmp/strace.out:
641 200790 [main] getfacl 42232 cygpsid::debug_print: get_sids_info: owner SID = S-1-5-32-544
639 201429 [main] getfacl 42232 cygpsid::debug_print: get_sids_info: group SID = S-1-5-18
633 235649 [main] getfacl 42232 getacl: AceCount: 7
608 236257 [main] getfacl 42232 cygpsid::debug_print: SID S-1-5-32-544
687 236944 [main] getfacl 42232 getacl: Type: 0, Flags: 3, Mask: 1F01FF
608 237552 [main] getfacl 42232 cygpsid::debug_print: SID S-1-5-18
566 238118 [main] getfacl 42232 getacl: Type: 0, Flags: 3, Mask: 1F01FF
533 238651 [main] getfacl 42232 cygpsid::debug_print: SID S-1-3-0
528 239179 [main] getfacl 42232 getacl: Type: 0, Flags: B, Mask: 10000000
637 239816 [main] getfacl 42232 cygpsid::debug_print: SID S-1-5-32-545
532 240348 [main] getfacl 42232 getacl: Type: 0, Flags: 3, Mask: 1200A9
522 240870 [main] getfacl 42232 cygpsid::debug_print: SID S-1-5-32-545
551 241421 [main] getfacl 42232 getacl: Type: 0, Flags: 2, Mask: 4
522 241943 [main] getfacl 42232 cygpsid::debug_print: SID S-1-5-32-545
535 242478 [main] getfacl 42232 getacl: Type: 0, Flags: A, Mask: 2
533 243011 [main] getfacl 42232 cygpsid::debug_print: SID S-1-1-0
555 243566 [main] getfacl 42232 getacl: Type: 0, Flags: 0, Mask: 1200A9
522 244088 [main] getfacl 42232 getacl: 10 = getacl (k:\)
cgf