On Wed, Nov 13, 2002 at 12:32:31PM -0500, Pierre A. Humblet wrote: > Corinna Vinschen wrote: > > It doesn't add any overhead which isn't already there. > > > If "already" is before the patch, it scans the group file instead of scanning > the token groups. If "already" is after the patch, it scans the group file > instead of scanning the token groups or doing nothing, depending if the uid > of the file owner differs from the uid of the process.
So what? It just uses /etc/group to determine the group membership of user "username". What's wrong with that? "username" is != current user so it reflects the default circumstances for that user. I don't think we can get it better due to Win/POSIX divergence. > The fundamental problem is that there is not enough information to know > the "real permissions" of the owner. Is User_foo a member of Admins or not, > at the time she accesses the file ? Sure. We can't know that. We're reflecting the default. > You make a lot of assumptions in your example. A more detailed description of > the way the code works today (before patch) is this: > > If the process running ls -l is a member of Admins: > rwxrwxr-- > If the process running ls -l in not a member of Admins: > ---rwxr-- > and that's the case *whether or not* User_foo is *nominally* a member of Admins. Wait, I'm assuming that we have a corrected version of is_grp_member(). We already know that is_grp_member() isn't quite right, currently. Let's assume is_grp_member() works as expected which means, including my small patch plus a patch to take all groups in the ACL into account. Then the most ugly problem - using the access token of another user - is dropped from our analyzis. Back to the example. Assume that user_foo is a member of Admins in the SAM. The default case is that access tokens are created with Admin being one of the token groups. > With the current patch, the output of ls -l would be > ---rwxr-- > if ls -l is run by somebody else than User_foo > It would be > rwxrwxr-- > if ls -l is run by User_foo if User_foo is *currently* a member of Admins, and > ---rwxr-- > if ls -l is run by User_foo if User_foo is NOT *currently* a member of Admins > To me, that's slightly better than currently. I'm sorry if I miss something here but with my patch it would be rwxrwxr-- if ls -l is run by somebody else than User_foo. > Note also that your example assumes implicitly that the ACL was not created > by Cygwin. Sure. That's the whole point in this discussion, isn't it? Pure Cygwin ACLs are created according to POSIX rules so that's a non-issue. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin@;cygwin.com Red Hat, Inc.