On Sun, Nov 29, 2009 at 9:32 AM, Corinna Vinschen wrote: > On Nov 28 19:12, Robert Pendell wrote: >> On Sat, Nov 28, 2009 at 12:13 PM, Angelo Graziosi wrote: >> > >> > Corinna Vinschen wrote: >> >> >> >> Fixes a few last-minute bugs: >> > >> > Now, it seems that creating directories and files in some manner acquires >> > an extra unexpected '+' flag. For example (from Cygwin.bat or MinTTY): >> > >> > >> > $ echo "Not " > foo1.txt >> > >> > $ echo "Not OK" > foo2.txt >> > >> > $ diff -Naur foo1.txt foo2.txt > foo.diff >> > >> > $ cp foo1.txt foo.txt >> > >> > $ patch foo.txt foo.diff >> > patching file foo.txt >> > >> > $ mkdir foo >> > >> > $ ls -lrtd foo* >> > -rw-r--r-- 1 ... 5 28 Nov 18:02 foo1.txt >> > -rw-r--r-- 1 ... 7 28 Nov 18:02 foo2.txt >> > -rw-r--r-- 1 ... 124 28 Nov 18:02 foo.diff >> > -rw-r--r--+ 1 ... 7 28 Nov 18:03 foo.txt >> > drwxr-xr-x+ 1 ... 0 28 Nov 18:03 foo >> > >> > See the extra '+' for 'foo.txt' and 'foo'! >> > >> > I didn't note this with previous version -66, -65... >> > >> > Is it to be expected with -67? >> > > > For the directory entry, yes. These additional entries are default > entries for user, group, and other, generated by code which was already > in 1.5, and which had been removed from 1.7.0 back in January. > Unfortunately the removal of these entries result in potentially weird > permission settings on files within Cygwin-created directories in case > the files are created by non-Cygwin Windows tools. Therefore I put them > back in -63. > > Apart from that, I don't see the extra permissions when creating the > patched foo.txt. In other words, I can't reproduce it, at least not on > W7 under UAC. > >> Looks like there is a change in permissions with the file during the >> diff program run. I might run a strace on it if someone tells me the >> appropriate command to do. Anyways here is the relevant part with >> icacls before and after the diff command. >> >> shi...@balthasar ~ >> $ icacls foo.txt >> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO) >> Balthasar\None:(R) >> Everyone:(R) >> >> Successfully processed 1 files; Failed processing 0 files >> >> shi...@balthasar ~ >> >> $ patch foo.txt foo.diff >> patching file foo.txt >> >> shi...@balthasar ~ >> $ icacls foo.txt >> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO) >> Balthasar\None:(R) >> Everyone:(R) >> NT AUTHORITY\SYSTEM:(F) >> BUILTIN\Administrators:(F) >> >> Successfully processed 1 files; Failed processing 0 files >> >> The 2 additional permission lines on the second icacls run is what >> causes the + to appear. > > Indeed. I just don't get how they are generated. I know where they are > coming from (they are part of the default DACL of the user token), but I > don't understand how they get into the ACL of foo.txt. For some reason > this doesn't occur in my testing. I tried in a normal as well as in an > elevated shell, in a directory created with an older version of Cygwin > without default entries, as well as in a directory created with a newer > Cygwin with default entries. In neither case I see the extra entries > for SYSTEM and Administrators. > > What are the permissions of the parent directory? In other words, > what does "icacls ." print in this scenario?
Here is the output for icacls . shi...@balthasar ~ $ icacls . . Balthasar\shinji:(F) Balthasar\None:(RX) Everyone:(RX) Just so you know I am also running on Windows 7 with UAC enabled and I am able to fully reproduce the issue. I am using mintty that is not elevated. I figured the directory entry part was normal since I got that in -65 so I never ran icacls on that entry. Just on foo.txt. If you need a cygcheck.out then let me know. Robert Pendell shi...@elite-systems.org CAcert Assurer "A perfect world is one of chaos." -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
