This is the mail archive of the
mailing list for the Cygwin project.
Re: POSIX permission mapping and NULL SIDs
- From: Bill Zissimopoulos <billziss at navimatics dot com>
- To: "cygwin at cygwin dot com" <cygwin at cygwin dot com>
- Date: Thu, 30 Jun 2016 00:03:36 +0000
- Subject: Re: POSIX permission mapping and NULL SIDs
- Authentication-results: sourceware.org; auth=none
- Authentication-results: spf=none (sender IP is ) smtp dot mailfrom=billziss at navimatics dot com;
- References: <D392BA70 dot 95D4%billziss at navimatics dot com> <20160624195144 dot GB27089 at calimero dot vinschen dot de> <D392F074 dot 962E%billziss at navimatics dot com> <20160624215948 dot GD27089 at calimero dot vinschen dot de> <D39583E5 dot 96E3%billziss at navimatics dot com> <1945820393 dot 20160627122324 at yandex dot ru> <20160627102614 dot GA8258 at calimero dot vinschen dot de> <D396C16E dot 9770%billziss at navimatics dot com> <20160628102705 dot GA22797 at calimero dot vinschen dot de> <D3980824 dot 9862%billziss at navimatics dot com> <20160629082129 dot GC981 at calimero dot vinschen dot de>
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
On 6/29/16, 1:21 AM, "Corinna Vinschen" <email@example.com on behalf
of firstname.lastname@example.org> wrote:
>If that's the case, then why do you explain all these things to me? I'm
>a bit at a loss to see the difference between me explaining things to
>you you already know vs. you explaing things to me I already know.
>Aren't we kind of on par here?
Yes, we are.
Perhaps I spoke âout of turnâ as the Americans say. I am sorry if it also
felt like I was explaining things that you know.
>>In any case I will use your mapping of S-1-0-65534 <-> 65534.
>Thanks. Do you want to add handling for this mapping to
>pwdgrp::fetch_account_from_windows yourself or shall I do it? I could
>come up with a patch in the next couple of days. I will prepare a
>developer's snapshot then, so you can immediately test if it works as
I have already added the mapping to WinFsp-FUSE. I can look into what is
required to patch Cygwin.
>>How do we avoid name collisions? I can easily see admins creating an
>>AD account called "nobody".
>>Shall we fake a "WinFSP" domain such that the name is "WinFSP+nobody"?
>Preliminary patch attached.
Ok, looks like you have patched it already. Thanks for this.
BTW, if the name is case-sensitive (strcmp) I usually use the âWinFspâ
capitalization, if it makes a difference.
Also do you foresee any situation where the ânobodyâ mapping might be
useful outside of WinFsp? Perhaps it would make more sense to name it
ânodomain+nobodyâ? Just a suggestion.