On Fri, Nov 15, 2002 at 10:24:36AM -0500, Pierre A. Humblet wrote: > Corinna Vinschen wrote: > > chgrp 544 or 513 /var/empty > > > > but that only works for default /etc/group files. > > 544 is still the best solution, IMHO. Let's take the long term view.
Yep. But as far as I'm concerned we should drop that part of your patch until I could update ssh. > It's not a group_deny, it's an owner deny (which would go on top, so canonical > order is OK here). Oops, thick fingers... > Also if the owner is not in the group when alloc_sd is called, and is placed > in the group later, then the owner access mode of the file would change, which > isn't POSIX. > Let's look at it from another angle: what is gained by going through the trouble > of calling is_grp_member and possibly omitting the owner_deny? Since is_grp_member() isn't that slow anymore, what does it hurt to get the situation right in the first place? I'm somehow more and more convinced that this is just a matter of taste. > The non canonical order is produced when the group has less permission > than everyone, which I agree is unlikely. Yeah, my mind was on another issue. Time for weekend. > It's 100% OK with me to give preference to being nice! Ok. I'm really sorry that I'm making your live that hard but I assume you know that I'm just trying to find something as a best solution (if that's at all possible). Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin@;cygwin.com Red Hat, Inc.
