This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: backup privileges [was: [ANNOUNCEMENT] Updated: cygwin-1.5.22-1]


On Nov 30 16:14, Corinna Vinschen wrote:
> On Nov 30 09:50, Igor Peshansky wrote:
> > Remember how much effort was spent trying to fix Cygwin to work for
> > unprivileged users?  Do you now, all of a sudden, want to break expected
> > behavior for privileged users?
> 
> I'm sorry but I really don't understand the problem.  Cygwin allows
> administrators to do more stuff than what they usually can do when
> running a DOS shell, which is, doing stuff which they can do as admins
> under any POSIX system.  POSIX apps running under a privileged account
> (and the users) usually expect to be able to do stuff which they can't
> when running under a non-admin account, [...]

Just as a side-note, think of sshd which expects to be able to read a
user's authorized_keys file, even if the permissions on the user's files
and directories are set to very strict values.  For security reasons
it's good that the permissions are set to strict values.  Unfortunately
a Cygwin installation so far required to set an extra ACE for the user
running sshd (SYSTEM, sshd_server).  This is also not necessary anymore.
Just like under a POSIX system.


Corinna

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]