This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.1


On 24/10/14 02:43, Corinna Vinschen wrote:
> On Oct 22 20:57, Tom Schutter wrote:
>> On Wed 2014-10-22 11:23, Corinna Vinschen wrote:
>>> For your convenience I wrote new documentation.  Since this is a TEST
>>> prerelease, the new documentation is not part of the official docs yet.
>>> Rather have a look at
>>>
>>>   https://cygwin.com/preliminary-ntsec.html
>> "machine is no domain member" -> "machine is not a domain member"
> Thanks, I applied this as patch.
>
>
> Corinna
>

Obviously, all the URLs for the section called âMapping Windows accounts to POSIX accountsâ will become correct when the file is renamed from preliminary-ntsec.html to ntsec.html. But in the section where you talk about the 'problem with the definition of a "correct" ACL which disallows mapping of certain POSIX permissions cleanly', previously the URL referenced immediately after that text appeared as 'the section called "The POSIX permission mapping leak" ', but now it's yet another reference to 'the section called âMapping Windows accounts to POSIX accountsâ'

-- Is that a mistake?

Other suggestions/notes:

'One of them is that the idea to have always small files is flawed.'
-->
'One of them is that the idea that these files will always be small, is flawed.'

'so we rely on some mechanism to convert SIDs to uid/gid values and vice versa'
-->
'so we need a mechanism to convert SIDs to uid/gid values and vice versa'

'It allows [us] to generate uid/gid values '

'Read /etc/passwd and /etc/group files [if they exist], just as in the olden days'

'If [the passwd or group] files are present, they will be scanned on demand'

'Logon SIDs: The own[huh?  owner's?  user's?] LogonSid is converted'

'if the AD administrators chose an unreasonable[unreasonably] small'

'which keeps an analogue value of the trustPosixOffset'
-->
'which keeps an analog of the trustPosixOffset'

'how do we uniquely differ[distinguish] between them by name?'

'very costly (read: slow) sea[r]ch operations'

(By the way, if you want to belong to multiple groups, is the only way to do this via an /etc/group file? Also, it occurs to me that another way to store the unix home dir, etc., would be a 'partial passwd' file that omitted the fields for the parts supplied easily by AD (SID, GID)? That's just an idle thought.)

'Cygwin process tree, which[ever?] first process'

'is not running a[t] the time'

'via an undocumented API[,] an applications[application] can fetch'

'When Cygwin stat's[stats, or: stat()s] files'

'If both[,] files and db are specified'
'Cygwin will always try the files first, then the db. '
-- is that because the db will always be more trustworthy than the files?

BTW, the POSIX permission mapping leak used to have a section heading; it's now just unmarked, inside the File Permissions section. (I'm just pointing that out.)

Hope this helps! You've obviously put a lot of thought and effort into all this: thanks.

luke


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]