This is the mail archive of the
cygwin-developers
mailing list for the Cygwin project.
Re: 1.7.5: Occasional failure of CreatePipe or signal handing due to thread-unsafe code in cwdstuff::set
On Aug 12 17:30, Corinna Vinschen wrote:
> On Aug 12 17:26, Corinna Vinschen wrote:
> > On Aug 12 16:38, Corinna Vinschen wrote:
> > > On Aug 12 10:12, Christopher Faylor wrote:
> > > > On Thu, Aug 12, 2010 at 04:01:54PM +0200, Corinna Vinschen wrote:
> > > No. I never came across a directory which is not writable under
> > > SE_BACKUP_NAME conditions.
> >
> > Erm...
> >
> > ... come to think of it, regardless of SE_BACKUP_NAME, if the
> > application uses CreateFile without the FILE_FLAG_BACKUP_SEMANTICS flag,
> > which is not really typical for Win32 calls anyway, then the application
> > will get an ERROR_ACCESS_DENIED when trying to create a file in such
> > a directory.
> >
> > Shouldn't that be sufficient?
>
> No, it's not. A non-admin user or a admin user in a non-elevated
> shell won't be able to open the dir in the first place.
Nonsens. I'm getting headaches.
If the directory has r-xr-xr-x permissions, then *everybody* can change
into that directory but *nobody* can create files or directories in
that directory, unless the user is an admin with SE_BACKUP_NAME active
*and* using the FILE_FLAG_BACKUP_SEMANTICS flag in CreateFile.
Is that sufficient?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat