1
1
How is cygwin able to bypass Windows XP ACLS? In the following example, cmd.exe cannot create a file in a directory but bash can. What gives?
C:\WINDOWS\Temp>mkdir noaccess
C:\WINDOWS\Temp>cacls noaccess /E /R Everyone
processed dir: C:\WINDOWS\Temp\noaccess
C:\WINDOWS\Temp>cacls noaccess
C:\WINDOWS\Temp\noaccess
C:\WINDOWS\Temp>echo abc > noaccess\abc
Access is denied.
C:\WINDOWS\Temp>c:\cygwin\bin\bash -c "echo abc > noaccess/abc"
C:\WINDOWS\Temp>c:\cygwin\bin\bash -c "/bin/cat noaccess/abc"
abc
Thanks. The filesystem is NTFS so the FAT part does not apply. It certainly seems cygwin is running with some privileges but I would have thought it would not do so by default. The documentation you referenced probably explains this but it seems very involved and quick read does not show any sections that specifically talk about cygwin using privileged access. – Miserable Variable – 2012-02-10T21:11:54.493
Cygwin's docs on NTFS and ACLs under Cygwin: http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-files
– Andrew Lambert – 2012-02-10T22:36:02.043