I noticed when I launch an executable, Cygwin queries SACL information on the executable (which I can see in Process Monitor as a 'QuerySecurityFile' operation). On some of my protected file servers, this generates a failure audit. Looking at the source code, I'm going to guess this might be from the NtQuerySecurityObject call in security.cc which requests SACL information by asking for for ALL_SECURITY_INFORMATION. Does Cygwin really need to query this information? Aside from keeping my audit logs clean, it seems like it might be an opportunity for optimizing the executable launch process if Cygwin doesn't really need this (or some of the other information that ALL_SECURITY_INFORMATION provides).
Thoughts? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
