Differences between 'ls' permissions *nix vs cygwin

I'm not sure if this is a bug or a feature.

But I find the following differences between *nix and cygwin on access permissions of 'ls'

Test case:

$ mkdir -p dir1/dir2
$ chmod 700 dir1

<switch to a another non-root/non-admin user>

$ ls -d dir1
dir1  [both Linux & Cygwin]

$ ls dir1
 ls: cannot open directory dir1 Permission denied  [both Linux & Cygwin]

$ ls -d dir1/dir2
ls: cannot access directory dir1/dir2 Permission denied  [Linux]
dir1/dir2 [Cygwin]

No acl's beyond the standard ugo posix permissions are set on either system. The Cygwin user only belongs to the 'None' and 'Users' group.

In particular, why is a non-privileged Cygwin user able to look over a blocked directory further into a file tree?

On Nov 10 00:44, aputerguy wrote:
> I'm not sure if this is a bug or a feature.

It's Windows.

http://www.google.com/search?q=%22bypass%20traverse%20checking%22


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Corinna Vinschen-2 writes:
> http://www.google.com/search?q=%22bypass%20traverse%20checking%22

I was <sigh> unaware of that "feature"
However, after turning it off, it still seems that cygwin 'ls' gives a different response than *nix 'ls' to a file in the subtree of a directory that is "non-traversable."

For example, if the current user doesn't have excutable (x) access to 'dir1', then in Linux:
$ls -nl dir1/<any string>
ls: cannot access dir1<any string>: Permission denied

While in Cygwin, for any value of <any string> whether the file/directory exists or not, I seem to get the following rather than an error message.
-rw-r--r-- 1 1006 513 0 Nov 30 2006 dir/<any string>
where 1006:513 = UID:GID

So, changing Bypass Traverse Checking has indeed now prevented me from getting any "meaningful" file info but...
Why isn't cygwin ls returning an error message here?
Why isn't is consistent with *nix?
(note I started a new bash process, but I haven't rebooted after change Bypass Traverse Checking)

On Nov 10 07:22, aputerguy wrote:
>
> Corinna Vinschen-2 writes:
> > http://www.google.com/search?q=%22bypass%20traverse%20checking%22
>
> I was <sigh> unaware of that "feature"
> However, after turning it off,

Don't do that.  There's more to this user right than you see at first
sight.  A lot of stuff might not work anymore as you expected in Windows.

> While in Cygwin, for any value of <any string> whether the file/directory
> exists or not, I seem to get the following rather than an error message.
> -rw-r--r-- 1 1006 513 0 Nov 30 2006 dir/<any string>
> where 1006:513 = UID:GID

Your own user account is in the administrators group, by any chance?


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Similarly, 'cd' seems to return a different error message on cygwin vs. Linux when looking at such subdirectories:

$cd dir1
bash: cd: /root/dog: Permission denied [both cygwin & linux]

$ cd dir1/<any string>
bash: cd: /dir1/<any string>: Permission denied [linux]
bash: cd: dir1/<any string>: Not a directory

Am I missing something or is this a purposeful inconsistency?

Corinna Vinschen-2 writes:
> On Nov 10 07:22, aputerguy wrote:
> > I was <sigh> unaware of that "feature"
> > However, after turning it off,

> Don't do that.  There's more to this user right than you see at first
> sight.  A lot of stuff might not work anymore as you expected in Windows.

Hmmm... even if I just turn it off for ordinary users?
I read through some of the Microsoft documentation and I didn't see any such warning.


I guess I'm unsure of how to secure a machine easily and properly in Windows in a way that is not just loaded with ACL's (you don't need to answer the general question here since I will ask it more broadly in another thread)

>> While in Cygwin, for any value of <any string> whether the file/directory
>> exists or not, I seem to get the following rather than an error message.
>> -rw-r--r-- 1 1006 513 0 Nov 30 2006 dir/<any string>
>> where 1006:513 = UID:GID

> Your own user account is in the administrators group, by any chance?

Mine is, but I was testing this in a bash.exe window that is 'runas' another *non-administrator* user (belongs only to group Users)


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

On Nov 10 07:52, aputerguy wrote:
http://support.microsoft.com/kb/823659


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple