ACL: Why SYSTEM doesn't have full access set on newly created files?
Kacper Michajlow
kasper93@gmail.com
Fri Mar 27 02:41:35 GMT 2020
Hi,
I know that Cygwin tries to emulate UNIX permissions using ACL. But I don't
understand why SYSTEM doesn't have Full Control allowed or even modify.
Shouldn't generally SYSTEM have access to everything?
I have cloned git repository of UWP application, and deployment fails in VS
with error:
"DEP0700: Registration of the app failed. [0x80070005] Deployment Register
operation with target volume F: on Package ... from: (AppxManifest.xml)
failed with error 0x80070005."
It is easily fixable by adding Full Control for SYSTEM on all files, but
that wasn't my first idea, so it took some time :) Long story short, it
fails and might be not obvious for the user why, at the first glance.
Also when accessing ACL from Explorer it throws:
"The permissions on <directory> are incorrectly ordered, which may cause
some entries to be ineffective."
And forces me to reorder them if I want to edit.
That said, I have three questions:
1. Could Cygwin by default give SYSTEM full control? If not, why?
2. Could Cygwin put ACL in order, so Windows doesn't complain about it?
3. Do we need "NULL SID" entry?
-Kacper
More information about the Cygwin
mailing list