This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ntsec patch 1: uid==gid, chmod, alloc_sd, is_grp_member


At 05:50 PM 11/13/2002 +0100, Corinna Vinschen wrote:
>
>The above ls -l example shows the result if we don't use is_grp_member().
>We already had a lot of problems due to this some time ago.  I won't return
>to the old state.  I, for one, would better like to improve is_grp_member().

Hello Corinna,

Sorry, didn't respond to that paragraph in my previous e-mail.
I agree that is_grp_member () is useful and withdraw my suggestion to 
eliminate it.
It's also clear that the Windows and Posix security models do not
match perfectly, and it's impossible to deduce the "owner mode"
from a Windows ACL (except if built by Cygwin, or with hierarchical
permissions). There is no way to make is_grp_member work perfectly, 
as one cannot predict the groups that a user will be in when she 
accesses a file. 
I would say that the comparison (on your example) of the existing method 
and the current patch show that the current patch better reflects the 
"reality", because it only tries to do so when the actual current token 
groups are known and the "reality" is well defined (*). 
Thus I suggest that we use the method of the patch for now, and think
of improving is_grp_member if/as we get specific reports of problems. 
What do you think?

Pierre

(*) I just noticed that getgroups32 should read the impersonation token
if it exists.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]