vi stealing SYSTEM-owned permissions and ownership

Andrey Repin anrdaemon@yandex.ru
Sat Nov 2 22:35:00 GMT 2013 

Greetings, D. Boland!

> First, in my student-setup, Apache is not running under Cygwin. I used the
> .msi distribution, available on the Apache website. This installs Apache as a 
> native Windows Service, and it can be configured using the Windows Services 
> Control Panel.

> As to running as the SYSTEM user, I agree with you. In Linux, Apache is started
> by root, and then immediately switches to the "nobody" user, so it is unable 
> to touch or even see the outside of its ServerRoot.

> In Windows, this mechanism does not work. That is why the "User" and "Group"
> directives are left out of the httpd.conf file in the Windows distribution.

> I now have Apache running under the username "Daemon" which I created using 
> the standard Windows "Users" Control Panel. I put this user in my "apache" 
> group like this:

> net localgroup apache Daemon /add

> The tricky part was assigning the following permissions to the "Daemon"
> user:

> * Log on as a service
> * Act as part of the operating system

> I did this in the "Local Security Settings" Control Panel, which can 
> be found in the "System Administration" Control Panel. It is also possible to 
> bring it up by running "secpol.msc" from the Start menu.

> Finally, I configured Apache to run as user "Daemon" in the "Services" control 
> panel (services.msc).

Your main problem is that you are trying to break into native Windows
ACL system with Cygwin tools. And not only that, you also trying to
wrest native ACLs into POSIX permissions, and expect native applications to
work fine afterward.
Which can be done theoretically, but in reality is a real big headache to
maintain.

If you truly want to show your students their Windows systems from the command
line, I suggest you learn Windows command line.
If not very robust, it is nonetheless rich, and allow for many operations
normally performed from GUI, and some operations, that can not be done from
GUI, either without much complication or at all.
In the case mentioned below, the "net" tool should come in handy. As well
as "sc" tool.

Or, if you really want to use Cygwin tools to work along with Windows tools,
use noacl mount option and let Windows care about control rights and stuff.

Bottom line is: Either stick to Cygwin and leave Windows alone, or play by
Windows rules.

Also, forcing someone to use vi over more sane editors is a torture which no
one deserve.


--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 03.11.2013, <02:17>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list