This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: POSIX permission mapping and NULL SIDs


Since these emails go to a list, not just Bill, and are archived,
the extra detail is added value and appreciated by other people now & in future.

On Tue, Jun 28, 2016 at 11:06 AM, Bill Zissimopoulos
<billziss@navimatics.com> wrote:
> On 6/28/16, 3:27 AM, "Corinna Vinschen" <cygwin-owner@cygwin.com on behalf
> of corinna-cygwin@cygwin.com> wrote:
>
>
>>>Ok.  Please keep in mind that
>>
>>a) there can't be a bijective mapping between arbitrary length SIDs
>>   and a 32 bit uid/gid.
>>
>>b) The mapping used in Cygwin is not self-created but (mostly, except
>>   for a single deviation) identical to the Interix mapping.  The code
>>   basically follows how this mapping has been defined by Microsoft.
>
> Corinna, please stop explaining things to me that I already know.
>
>>> BTW, I have here a partitioning of the UID namespace that may help
>>>choose
>>> the right mapping:
>>>
>>> /*
>>>  * UID namespace partitioning (from [IDMAP] rules):
>>>  *
>>>  * 0x000000 + RID              S-1-5-RID,S-1-5-32-RID
>>>  * 0x000ffe                    OtherSession
>>>  * 0x000fff                    CurrentSession
>>>  * 0x001000 * X + RID          S-1-5-X-RID ([WKSID]:
>>> X=1-15,17-21,32,64,80,83)
>>>  * 0x010000 + 0x100 * X + Y    S-1-X-Y ([WKSID]: X=1,2,3,4,5,9,16)
>>>  * 0x030000 + RID              S-1-5-21-X-Y-Z-RID
>>>  * 0x060000 + RID              S-1-16-RID
>>>  * 0x100000 + RID              S-1-5-21-X-Y-Z-RID
>>>  */
>>
>>You're aware that I wrote the code for this mapping as well as its
>>documentation? :)
>
> Corinna, of course I am aware of that. I have found your original post to
> this list about it. Why would you think otherwise? And why would it change
> anything?
>
>>>With all that and to help conclude this thread I gather here all the
>>> proposed mappings. Corinna, I will use the one which you prefer the
>>>most:
>>>
>>> S-1-0-65534                    <-> 65534
>>
>>This one is still my favorite.  Again, the range from 0x1000 up to
>>0xffff is unused.  Right now any incoming uid/gid value in this range
>>for a reverse SID lookup is treated as invalid SID.
>
> I disagree. You are saying that it is unused, but a (perhaps erroneous)
> SID would map into that space.
>
> In any case I will use your mapping of S-1-0-65534 <-> 65534.
>
> Bill
>

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]