Tim McDaniel wrote:
I'd like to test a script by giving it an unreadable file as an
argument.
I usually log in as a user, but one that's in the Administrators
group. I made the file (a text file containing just "hello") owned by
user Administrator with absolutely no permissions for anyone else.
Cygwin uses a little-known aspect of the NT security model. Besides
permissions, there are also privileges. And administrators have the
backup/restore privilege enabled by default, which means that they can
bypass ACLs (access control lists). [1]
Try with a standard user, not a members of the administrator's group.
[1] You can use the editrights cygwin utility to manipulate privilieges.
For example, editrights.exe -l -u Administrateurs should list
SeBackupPrivilege and SeRestorePrivilege among others. And you inherit
these privilieges from group membership.
--
Sylvain RICHARD
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
