On Thu, Jan 10, 2002 at 10:09:59AM -0500, Fleischer, Karsten (K.) wrote: > > But, uhm, what exactly is a `superuser' from your point of view? > > We don't have that concept except for SYSTEM as _the_ user which > > is able to change user context w/o changing security policies. > > And on 9x/Me... > > Does the SYSTEM user have uid == 0? Does any user have an uid == 0? > If not then it does not matter anyway. I can just leave it as it is. > If in future some superuser concept might find it's way into Cygwin, this $SHELL >stuff is safe already.
The problem is that by default the "Everyone" group has the uid and gid 0. The user can change that in the passwd and group files. You just should stick with uid/gid 18 for the user SYSTEM. Are you familar with the NT security concept? If you want to have a rough insight how that's used in Cygwin, I suggest reading http://cygwin.com/cygwin-ug-net/ntsec.html It's rather old and a bit badly maintained but it's basically still correct. > Oh, I forgot to mention that I changed the rename() logic a bit. > rename("a", "b"): If "a" is really "a.exe" it is renamed to "b.exe" > rename("a", "b.suffix"): If "a" is really "a.exe" it is nevertheless renamed to >"b.suffix". The ".suffix" implies that the user knows what she's doing. > rename("a.exe", "b"): The ".exe" suffix implies that the user knows what she's >doing, too, so "a.exe" is renamed to "b" > > This also holds for link(). > > I've taken that from UWIN, too. Yup, that sounds reasonable to discuss. One general question, though. How do these changes to handle things like U/WIN collide with the propietary U/WIN license? We don't want to have problems with AT&T suddenly. Especially we don't want to have sources taken from U/WIN. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:[EMAIL PROTECTED] Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
