This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [BUG 1.7] Read-only files are not.


On 12/31/2008 4:06 PM, Eric Blake wrote:
David Rothenberger <daveroth <at> acm.org> writes:

It seems that read-only files in Cygwin 1.7 are not truly
read-only.

Are you perchance running as an Administrator, and therefore you have backup privileges?

Yes.


If so, then you have root-like power, and cygwin exposes that by opening files with intent to backup even when the ACLs would otherwise make the file unreadable. Therefore, even though none of S_IRUSR, S_IRGRP, S_IROTH are set in the posixy st_mode bits, access(file, R_OK) returns 0 and open() is able to exploit your root-like powers to read that file.

I thought Corinna mentioned this in the release notes.

I didn't see anything mentioned in this message: http://cygwin.com/ml/cygwin-announce/2008-12/msg00009.html


(This issue was brought to my attention by a failing subversion test
after building for 1.7.)

The findutils testsuite also had to make accomodations to skip certain tests when run with root-like privileges.

If this is indeed intended behavior, I will adjust the subversion test cases accordingly.



-- David Rothenberger ---- daveroth@acm.org

pain, n.:
        One thing, at least it proves that you're alive!


-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]