27603Re: Win32 ACLs unreliable.
- Mar 4, 2002On 3 Mar 2002 at 13:15, Bram Moolenaar wrote:
> > The only reliable approach to ACL handling seems to be to get down andUntil we write a replacement for GetEffectiveRightsFromAcl() - admittedly not a nice
> > dirty with the low level system calls. A quick Google search has
> > turned up the following page as having sample code that could be used
> > as a basis for rewriting the ACL checking:
> > http://mvps.org/win32/security/fksec.html
> > Until I (or someone else) gets a chance to review this and reimplement
> > the relevant bits in C (it's in C++) I recommend that Yet Another
> > Option (TM - V.Negri) is added to turn off ACL checking that users can
> > use if they experience problems. Not a full solution but at least
> > that should prevent a large number of complaints.
> I don't like adding an option for this. It's not a real solution, it
> just shifts the problem towards the user.
solution as this could be a fair amount of code.
> How about an alternative: Can we try writing to the file to find out ifMaybe, I'll investigate.
> it's writable? Opening the file for appending should not change the
> file in any way. The possible side effect is that the timestamp of the
> file changes when you edit it with Vim.
> This should at least be restricted to file systems that have ACLDoing it in acl_check() will ensure that the check for the file system supporting ACLs
has been done.
> Alternatively, we can assume all files on ACL'ed file systems areThe original bug report was due to assuming this - someone reported that he was
> writable, since mostly people complain if a file is marked read-only
> while its actually writable.
unable to write to a file not marked as read-only due to an ACL not allowing writes.
How ironic ;)
I'm verging back towards remove ACL support on Windows. I doubt anywhere that is
using ACLs in anger would have VIM around - they would be having som many
problems with other applications that don't take notice of ACLs.
Genealogy tracing us back to the same brother and sister.
- << Previous post in topic Next post in topic >>