chown with not existing user/group

Corinna Vinschen
Thu Feb 28 16:49:00 GMT 2008

On Feb 28 14:55, Dave Korn wrote:
> On 28 February 2008 14:45, Matthieu CASTET wrote:
> > But then why does it work if I create a dummy user in /etc/passwd?
>   Because cygwin relies on the contents of /etc/passwd to be accurate.  Cygwin
> cannot in general know what SIDs exist out there in a domain (or even on a
> local machine), it treats /etc/passwd as a cache to save going out across the
> network to the domain controller for lookups every time a UID is needed.
> > For example for root
> > 
> > $ echo "root:*:0:0:,S-1-5-32-545::" >> /etc/passwd
> > $ chown root:root /tmp/toto
> > $ ls -l /tmp/toto
> > -rw-r--r-- 1 root root 0 Feb 28 14:49 /tmp/toto
> > 
> > Does it mean in this case I create "ACLs with unrecognised SIDs"?
>   No, because 1-5-32-545 is a real SID, hence recognised.  It's a well-known
> SID that exists on all windows boxes.  It is, however, a GID, not a UID: that
> is the SID of the "Users" group you have set there, so who knows how confused
> cygwin might be by that.

What confusion?  In contrast to POSIX, there's no difference between a
user SID and a group SID from the perspective of security descriptors.
Cygwin doesn't care either, as long as the SID shows up in one of the
/etc/passwd, /etc/group files.

Windows allows using a group SID as owner and a user SID as group in an
SD.  The group SID in the SD has no meaning in Win32 anyway.  It's more
or less only useful for the POSIX subsystem and, FWIW, Cygwin which uses
it for its own malicious purposes(*) <insert lunatic laughter here>.


(*) As group, actually.  Hmm, I spoiled it slightly, right?

Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat
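
Added example, not part of the original mail or of Cygwin itself: a small audit that lists the SID behind each entry of a Cygwin-style passwd file and flags entries like the "root" line quoted above, where the SID lies in the BUILTIN domain (S-1-5-32-*, local group/alias SIDs). It assumes the layout used in the thread, with the SID as a comma-separated item in the gecos field; the function name `passwd_sids` and every sample entry except the "root" line are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample input. The first line is the entry from the thread;
# the other accounts and their SIDs are made up.
SAMPLE_PASSWD='root:*:0:0:,S-1-5-32-545::
alice:unused:1001:513:U-HOST\alice,S-1-5-21-1111111111-2222222222-3333333333-1001:/home/alice:/bin/bash
svc:unused:1002:513:service account:/home/svc:/bin/false
bob:unused:1003:513:U-HOST\bob,S-1-5-21-1111111111-2222222222-3333333333-1001:/home/bob:/bin/bash'

# passwd_sids (hypothetical helper): read passwd lines on stdin and print
#   <name> uid=<uid> sid=<sid or -> <note>
# where <note> is one of:
#   builtin-alias-sid   SID is in the BUILTIN domain (a group/alias SID)
#   duplicate-of-<name> an earlier entry already maps the same SID
#   no-sid              the gecos field carries no SID at all
#   ok                  none of the above
passwd_sids() {
    awk -F: '
        $0 == "" || /^#/ { next }              # skip blanks and comments
        {
            sid = ""
            n = split($5, part, ",")           # gecos items are comma-separated
            for (i = 1; i <= n; i++)
                if (part[i] ~ /^S-1-[0-9]+(-[0-9]+)+$/)
                    sid = part[i]

            if (sid == "")
                note = "no-sid"
            else if (sid ~ /^S-1-5-32-/)
                note = "builtin-alias-sid"
            else if (sid in seen)
                note = "duplicate-of-" seen[sid]
            else
                note = "ok"

            # remember the first name that claimed each SID
            if (sid != "" && !(sid in seen))
                seen[sid] = $1

            printf "%s uid=%s sid=%s %s\n", $1, $3, (sid == "" ? "-" : sid), note
        }'
}

printf '%s\n' "$SAMPLE_PASSWD" | passwd_sids
```

To check a real file, run `passwd_sids < /etc/passwd`.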
