This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: /usr/local, /var and */tmp in c:\Users\Public
- From: Lee <ler762 at gmail dot com>
- To: cygwin at cygwin dot com
- Date: Sat, 15 Nov 2014 12:55:52 -0500
- Subject: Re: /usr/local, /var and */tmp in c:\Users\Public
- Authentication-results: sourceware.org; auth=none
- References: <81578012-FD3F-4463-BC56-ADB092317DD4 at etr-usa dot com> <CABa6CEkRV=3FY6ZVGrdt--rH3PppwCJRD5poU0L2knv2k2ce_w at mail dot gmail dot com> <25F385A9-3E2D-44FC-998F-D2672F67DFE4 at etr-usa dot com> <m40npq$vrq$1 at ger dot gmane dot org> <ECD073FF-B78C-4D19-8DE1-5F4E390D2495 at etr-usa dot com> <20141113093335 dot GI2782 at calimero dot vinschen dot de> <40005E53-A327-4E4A-8C71-514E505F9FBC at etr-usa dot com>
On 11/13/14, Warren Young wrote:
> On Nov 13, 2014, at 2:33 AM, Corinna Vinschen wrote:
>
>> On Nov 12 17:19, Warren Young wrote:
>>>
>>> I'm not advocating that step so early, but maybe if this breakup does
>>> happen, a few years later setup.exe can start applying some strong
>>> ACLs to files it writes.
>>
>> ??? What "strong" ACLs?
>
> The ones that are not there right now. :)
>
> Just to pick a random example:
>
> $ ls -l /bin/ls.exe
> -rwxrwxr-x 1 Warren None 116253 Oct 13 10:12 /bin/ls.exe
Install cygwin as an admin & users don't get write access:
$ ls -l /bin/ls.exe
-rwxr-xr-x 1 root None 101902 Feb 6 2012 /bin/ls.exe
> The same file's permissions, from Windows' perspective:
>
> http://etr-usa.com/cygwin/ls-perms.png
>
> So, just because I installed Cygwin with my regular user account,
You're doing it wrong. Install Cygwin using an admin account and
regular user accounts are not allowed write access to system
files/directories:
$ cd /bin
/bin
$ touch foo
touch: cannot touch `foo': Permission denied
/bin
$ cd /usr
/usr
$ touch foo
touch: cannot touch `foo': Permission denied
> I get
> permission to rewrite ls.exe. This is not a good thing,
In certain circumstances you're right; not a good thing. If you have
an admin account on the machine, why didn't you install cygwin using
that account & have the permissions set correctly in the first place?
In other circumstances, like not having an admin account, it's nice
being able to install & use cygwin as a regular user vs. not having
access to cygwin at all.
> if our goal is to
> make Cygwin work like Linux while working *within* the Windows environment.
>
>
> IMHO, the way to meet both goals simultaneously is to put programs in
> c:\Program Files,
NOOOOOOOOOOOO! Please, do not do that by default. If nothing else,
directory names with embedded spaces should be treated like toxic
waste.
> and to give full-control perms to the local Administrator
> account in the SAM case, or possibly the domain one in the AD case.
Try installing cygwin as an admin. I suspect you'll get most, if not
all, of what you're asking for.
Regards,
Lee
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple