[PATCH setup] Add new option --chown-admin
Jon Turney
jon.turney@dronecode.org.uk
Wed Jul 6 13:53:23 GMT 2022
On 06/07/2022 08:14, Christian Franke wrote:
> If an installer is run elevated, the installed files will be typically
> owned by the local administrator (or in some cases SYSTEM or
> TrustedInstaller) instead of the current user. This is not the case for
> a Cygwin "All Users" installation. The files are then not protected from
... instead the files are owned by the user running setup?
> accidental changes by this user.
>
> The attached patch adds an experimental --chown-admin option which
> allows (new) installations owned by local administrator user and group.
Thanks for the patch, but...
> A drawback is that files generated by postinstall scripts are still
> owned by current user + "None" group. It should be possible to fix this
> with some perpetual preremove+postinstall scripts.
>
> I also don't know whether this may break some postinstall scripts.
>
> BTW: 'nt_sec.setDefaultSecurity (isAdmin)' is never called with
> 'isAdmin==true' as 'root_scope' is always 0.
root_scope is set later, by the "Install For" option on the "Select Root
Install Directory" page.
To me, this looks like a (very long standing) bug that we shouldn't be
calling setAdminGroup() here, but after root_scope has been set.
More information about the Cygwin-apps
mailing list