* fhandler.cc (fhandler_base::open): When creating a file on a
filesystem supporting ACLs, create the file with WRITE_DAC access. Explain why. * fhandler_disk_file.cc (fhandler_disk_file::mkdir): Ditto for directories. * fhandler_socket.cc (fhandler_socket::bind): Ditto for sockets. * path.cc (symlink_worker): Ditto for symlinks. * security.cc (get_file_sd): Always call GetSecurityInfo for directories on XP and Server 2003. Improve comment to explain why. (set_file_attribute): Explicitely cast mode_t value to bool in call to get_file_sd. * wincap.h (wincaps::use_get_sec_info_on_dirs): New element. * wincap.cc: Implement above element throughout.
This commit is contained in:
@@ -577,6 +577,13 @@ fhandler_base::open (int flags, mode_t mode)
|
||||
/* If mode has no write bits set, and ACLs are not used, we set
|
||||
the DOS R/O attribute. */
|
||||
file_attributes |= FILE_ATTRIBUTE_READONLY;
|
||||
else if (!exists () && has_acls ())
|
||||
/* If we are about to create the file and the filesystem supports
|
||||
ACLs, we will overwrite the DACL after the call to NtCreateFile.
|
||||
This requires a handle with additional WRITE_DAC access,
|
||||
otherwise set_file_sd has to open the file again. */
|
||||
access |= WRITE_DAC;
|
||||
|
||||
/* The file attributes are needed for later use in, e.g. fchmod. */
|
||||
pc.file_attributes (file_attributes);
|
||||
}
|
||||
|
Reference in New Issue
Block a user