This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: I'd like to have an unreadable file


Tim McDaniel wrote:
I'd like to test a script by giving it an unreadable file as an
argument.

I usually log in as a user, but one that's in the Administrators
group.  I made the file (a text file containing just "hello") owned by
user Administrator with absolutely no permissions for anyone else.
Cygwin uses a little-known aspect of the NT security model. Besides permissions, there are also privileges. And administrators have the backup/restore privilege enabled by default, which means that they can bypass ACLs (access control lists). [1]

Try with a standard user, not a members of the administrator's group.

[1] You can use the editrights cygwin utility to manipulate privilieges. For example, editrights.exe -l -u Administrateurs should list SeBackupPrivilege and SeRestorePrivilege among others. And you inherit these privilieges from group membership.

--
Sylvain RICHARD


-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]