On Aug 29 09:58, Achim Gratz wrote: > Achim Gratz <Stromeko <at> NexGo.DE> writes: > > > Please test. > > > > This fixes the "read-only" problem in Emacs (so that hunch was correct). > > Perl still doesn't play, but I think the 5.18 version should get it correct. > > Will need to switch a test installation over for that, though. > > With that snapshot in place, ssh suddenly recognized that my private key > file was more readable than it liked it to be, so it looks that it's using > the same general strategy of dealing with ACL as Emacs.
...which means, they don't deal with ACLs at all. They only see what's given in the st_mode permission bits. With this change, the group permission bits now show that *somebody* has certain permissions on the file, thus the group permissions indicate a too open access for ssh, if somebody except you have write access to the file. Downside: If you use inherited Windows permissions, you'll often have the case that Administrators and/or SYSTEM have full access to your files. This in turn shows up as rwx group permissions now. If you can't change the permissions (company requirements, etc) the ssh key file permission test will get annoying. So it's probably a very nice change (thanks a lot for bringing this up!), but it will probably have some negative side-effects for existing installations. > I'm starting to > like this patch very much... :-) Despite of what I'm outlining above, me too :) Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgpEaeJNMvNNZ.pgp
Description: PGP signature
