This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: full control for non owner and resulting 'cp' created file perms
- From: Brian Dessent <brian at dessent dot net>
- To: cygwin at cygwin dot com
- Date: Sat, 01 Mar 2008 13:45:24 -0800
- Subject: Re: full control for non owner and resulting 'cp' created file perms
- References: <200803012102.m21L276p016693@tigris.pounder.sol.net>
- Reply-to: cygwin at cygwin dot com
Tom Rodman wrote:
> The file "zam" below has slightly unusual windows permissions -
> it does not inherit from it's parent dir, the owner of the
> file has no ACES, another user "staffuser1" has full control.
Is staffuser1 an administrator? Cygwin opens files using the 'backup'
privilege in order to emulate the POSIX semantics that root can access
any file regardless of permissions. But of course the backup privilege
requires the user to be an administrator so there's no real privilege
leak, since an administrator can always take ownership of the object and
set an arbitrary dacl.
This started with 1.5.22:
<http://cygwin.com/ml/cygwin-announce/2006-11/msg00034.html>
Brian
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/