JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* external.cc (cygwin_internal): Call set_security_attribute with

Browse Source 
additional path_conv argument.
	* fhandler.cc (fhandler_base::open): Ditto.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Never set DOS
	R/O attribute when using ACLs.
	(fhandler_disk_file::mkdir): Ditto.  Set
	security descriptor on remote dirs after creating the dir, same as in
	fhandler_base::open.
	* fhandler_socket.cc (fhandler_socket::bind): Ditto for remote AF_LOCAL
	socket files.
	* path.cc (symlink_worker): Ditto. for remote symlinks.
	* security.cc (alloc_sd): Take additional path_conv argument.
	Accommodate throughout.  Drop setting FILE_WRITE_EA/FILE_READ_EA
	flags unconditionally (was only necessary for "ntea"). Don't set
	FILE_READ_ATTRIBUTES and FILE_WRITE_ATTRIBUTES unconditionally on
	Samba.  Add comment to explain.  Drop useless setting of
	STANDARD_RIGHTS_WRITE, it's in FILE_GENERIC_WRITE anyway.
	Remove FILE_READ_ATTRIBUTES bit from FILE_GENERIC_EXECUTE so as not
	to enforce read permissions on Samba.
	(set_security_attribute): Take additional path_conv argument.
	* security.h (set_security_attribute): Change prototype accordingly.
This commit is contained in:
Corinna Vinschen
2008-08-14 14:05:04 +00:00
parent 56d8179570
commit 88797e5979
8 changed files with 69 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
winsup/cygwin/fhandler_disk_file.cc
View File

@ -807,10 +807,10 @@ fhandler_disk_file::fchmod (mode_t mode)
res = 0;
}
/* if the mode we want has any write bits set, we can't be read only. */
/* If the mode has any write bits set, the DOS R/O flag is in the way. */
if (mode & (S_IWUSR | S_IWGRP | S_IWOTH))
pc &= (DWORD) ~FILE_ATTRIBUTE_READONLY;
else
else if (!pc.has_acls ()) /* Never set DOS R/O if security is used. */
pc |= (DWORD) FILE_ATTRIBUTE_READONLY;
if (S_ISSOCK (mode))
pc |= (DWORD) FILE_ATTRIBUTE_SYSTEM;
@ -1380,8 +1380,10 @@ fhandler_disk_file::mkdir (mode_t mode)
SECURITY_ATTRIBUTES sa = sec_none_nih;
security_descriptor sd;
if (has_acls ())
set_security_attribute (S_IFDIR | ((mode & 07777) & ~cygheap->umask),
/* See comments in fhander_base::open () for an explanation why we defer
setting security attributes on remote files. */
if (has_acls () && !pc.isremote ())
set_security_attribute (pc, S_IFDIR | ((mode & 07777) & ~cygheap->umask),
&sa, sd);
NTSTATUS status;
@ -1418,6 +1420,9 @@ fhandler_disk_file::mkdir (mode_t mode)
p, plen);
if (NT_SUCCESS (status))
{
if (has_acls () && pc.isremote ())
set_file_attribute (dir, pc, ILLEGAL_UID, ILLEGAL_GID,
S_IFDIR | ((mode & 07777) & ~cygheap->umask));
NtClose (dir);
res = 0;
}