Re: Usage of dpkg under cygwin

To: Paul Baker <pbaker@where2getit.com>
Cc: Claes Wallin <clawa570@cyd.liu.se>, debian-win32@lists.debian.org
Subject: Re: Usage of dpkg under cygwin
From: Robert Collins <robert.collins@syncretize.net>
Date: 12 Oct 2002 08:41:29 +1000
Message-id: <[🔎] 1034376089.11101.48.camel@lifelesswks>
In-reply-to: <[🔎] 30A1BDD5-DD44-11D6-A92C-0003937562B8@where2getit.com>
References: <[🔎] 30A1BDD5-DD44-11D6-A92C-0003937562B8@where2getit.com>

On Sat, 2002-10-12 at 04:06, Paul Baker wrote:
> 
> On Friday, October 11, 2002, at 10:27 AM, Claes Wallin wrote:
> 
> > Of course we need to take security seriously, but I'm not convinced
> > that demanding unnecessary privileges or faking them does that. These
> > files don't need to be owned by root or seem to be owned by root during
> > the packaging process - we should be able to just tell tar to override
> > the fs metadata. I realize that the current system works, but I reserve
> > the right to call it a silly hack.
> 
> And tar does not let you override the fs metadata unless it thinks you 
> are root. Making a custom version of tar that allowed anyone to do it 
> would be a silly hack. Fakeroot is not a silly hack. Read the man page.

I agree that allowing anyone to override such metadata would be a 'silly
hack'. It's also a trivial one. The point is that checking for uid=500
on cygwin *IS STILL BROKEN*. Any NT shop that logs folk in as
administrator is very far away from best practice. Using Run As
'Administrator' is acceptable, but still not good. Using 'Run As' with
another administrative account, one per admin, is best practice. And
that will NEVER have uid 500. If you need to have a tar with root owned
files, thats one thing. Any user in the Administrative users group can
create root owned files, and that is what 'root user checks' should be
checking for in this case.

> > Note that I'm not talking about the Linux/NT/Cygwin issue, or about
> > NT at all really, I'm talking about "debian/rules build" in general.
> 
> I know, that's why I take these issues so seriously. debian/cygwin will 
> never become an official port if it can't learn to live with the policy 
> that works perfectly and better than anything else for 11+ other 
> platforms and 3+ other kernels. The debian build system is not some 
> geewiz hack that someone thought of over a weekend or two. It is what 
> it is through careful evolution and thought out design. Otherwise it 
> would just be another redhat rpm spec knock off and suck just like it.

With all due respect, all the other kernels dpkg supports today are unix
kernels first, and different platforms second. Cygwin is an NT kernel
first, and it is not surprising that assumptions that work under unix
Kernels need to be examined in more depth when you port to cygwin.

Rob

Reply to:

Follow-Ups:
- Re: Usage of dpkg under cygwin
  - From: James Michael DuPont <mdupont777@yahoo.com>

References:
- Re: Usage of dpkg under cygwin
  - From: Paul Baker <pbaker@where2getit.com>

Prev by Date: Re: Usage of dpkg under cygwin
Next by Date: Re: Usage of dpkg under cygwin
Previous by thread: Re: Usage of dpkg under cygwin
Next by thread: Re: Usage of dpkg under cygwin
Index(es):
- Date
- Thread