This is the mail archive of the cygwin-apps@cygwin.com mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Setup with the new ntsec support has been released for a week. Since then I have not seen any permission issues on the list. Markus Schönhaber has been very helpful in testing various configurations. After analyzing them I propose some extra improvements: The main issue is the name "setup.exe" itself, which induces Windows to launch a Run As pop up when setup is run by non-privileged users. Answering "yes" allows to set system mounts and to install Cygwin almost anywhere but it has several drawbacks: 1) Domain users are not included in /etc/passwd 2) The Administrator account may not have Restore privilege and chown may fail in postinstall scripts. 3) ls -l may show files without rx access for the user running setup if the Administrator account is not in Users and if the directory inheritance does not give rx access to Everyone (I have observed the two events separately but never together). I believe setup would be more newbie friendly if the name was changed :( The patch below also introduces two changes: 1) Currently setup only attempts to change its default group to Users (or Administrators) if it is None. The patch tries all the time. I have not seen a case where it would hurt. There are typical scenarios where it helps, for example when inheritance gives rx access to Users but not to Everyone nor to the current user's group. 2) When setup is launched from Windows (but not from Cygwin) by a privileged user, files are owned by Administrators. This can lead to perceived access restrictions for the current user. Also this feature generates questions on the list. The patch always gives ownership to the current user (already the case when running from Cygwin). Pierre 2003-03-19 Pierre Humblet <pierre dot humblet at ieee dot org> * main.cc (set_default_sec): Set token owner from token user. Always try to set the token primary group to Users or Admins.
Attachment:
main.diff
Description: Text document
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |