This is the mail archive of the
cygwin-patches
mailing list for the Cygwin project.
Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin-patches at cygwin dot com
- Date: Sat, 29 Aug 2009 21:20:50 +0200
- Subject: Re: [Patch] Allow to disable root privileges with CYGWIN=noroot
- References: <4A993580.4060604@t-online.de>
- Reply-to: cygwin-patches at cygwin dot com
On Aug 29 16:04, Christian Franke wrote:
> For members of administrator group, Cygwin runs with root access rights.
> Cygwin enables the Windows backup and restore privileges which are not
> enabled by default.
>
> This is IMO not desirable under all circumstances.
>
> This patch adds a new flag to the Cygwin environment variable.
> If 'CYGWIN=noroot' is set, the extra privileges are removed after Cygwin
> startup.
>
> This allows to run a Cygwin shell with the same default access rights as
> cmd or explorer.
I don't like the idea of the patch for three reasons:
- It adds a new CYGWIN setting and
- It adds a new CYGWIN setting which is redundant on all systems
supporting UAC. Either you're running in a default shell with
restricted rights, which means, you don't have admin privileges
anyway, or you're runnning in a admin shell and you very likely want
all rights you can get as admin.
- On all older systems you shouldn't work as admin by default anyway,
especially not on Windows XP. And then, *if* you're running an admin
session, you usually want admin rights. What's the advantage of
faking you don't have these rights?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat