From 22ae5a5be8eeef5722e003ccf07b133a59018b66 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Thu, 26 Apr 2001 09:21:33 +0000 Subject: [PATCH] * security.cc (alloc_sd): Add unrelated ACCESS_ALLOWED_ACE behind the `everyone' ACE. --- winsup/cygwin/ChangeLog | 5 +++++ winsup/cygwin/security.cc | 14 ++++++-------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index bcc0e552c..50f23f7c4 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,8 @@ +2001-04-26 Kazuhiro Fujieda + + * security.cc (alloc_sd): Add unrelated ACCESS_ALLOWED_ACE behind + the `everyone' ACE. + Wed Apr 25 15:07:37 2001 Christopher Faylor * sigproc.h [sigthread]: Add exception field. [sigframe::~sigframe]: diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index c814379f4..b24d648e3 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -622,6 +622,11 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute, group_sid, acl_len, inherit)) return NULL; + /* Set allow ACE for everyone. */ + if (!add_access_allowed_ace (acl, ace_off++, other_allow, + get_world_sid (), acl_len, inherit)) + return NULL; + /* Get owner and group from current security descriptor. */ PSID cur_owner_sid = NULL; PSID cur_group_sid = NULL; @@ -649,8 +654,7 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute, continue; /* * Add unrelated ACCESS_DENIED_ACE to the beginning but - * behind the owner_deny, ACCESS_ALLOWED_ACE to the end - * but in front of the `everyone' ACE. + * behind the owner_deny, ACCESS_ALLOWED_ACE to the end. */ if (!AddAce(acl, ACL_REVISION, ace->Header.AceType == ACCESS_DENIED_ACE_TYPE ? @@ -661,14 +665,8 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute, return NULL; } acl_len += ace->Header.AceSize; - ++ace_off; } - /* Set allow ACE for everyone. */ - if (!add_access_allowed_ace (acl, ace_off++, other_allow, - get_world_sid (), acl_len, inherit)) - return NULL; - /* Set AclSize to computed value. */ acl->AclSize = acl_len; debug_printf ("ACL-Size: %d", acl_len);