JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Simplify "Windows-standard-like" permissions

Browse Source 
Commit 97d0449 left a bit to be desired.  First, the fact that any
new-style ACL couldn't be "standard ACL" anymore was very much over
the top.  On one hand Admins and SYSTEM ACEs are not supposed to be
masked, but on the other hand we *must* create the CLASS_OBJ
because otherwise we don't have information about masking the
execute perms for both groups.  The ACL would also fail aclcheck.

And while get_posix_access now returns the "is standard acl" flag,
it hasn't been utilized by set_created_file_access.  Rather,
set_created_file_access has simply continued to check for
nentries > MIN_ACL_ENTRIES, which led to all kinds of weird group
and CLASS_OBJ perms.  The new code now always manipulates CLASS_OBJ
perms if a CLASS_OBJ is present, and it always manipulates group perms
if the ACL has been marked as "standard" ACL.

Another problem (not related to commit 97d0449) is the order
get_posix_access adds missing perms.  CLASS_OBJ perms are computed
*before* missing GROUP_OBJ perms have been added.  Thus the CLASS_OBJ
perms could be too tight and led to additional, buggy DENY ACEs.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen
2016-08-19 16:50:04 +02:00
parent 3e8f833df0
commit a8716448ce
2 changed files with 22 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
winsup/cygwin/security.cc
View File

@ -449,6 +449,7 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr)
tmp_pathbuf tp;
aclent_t *aclp;
int nentries, idx;
bool std_acl;
if (!get_file_sd (handle, pc, sd, true))
{
@ -457,8 +458,8 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr)
attr |= S_IFDIR;
attr_rd = attr;
aclp = (aclent_t *) tp.c_get ();
if ((nentries = get_posix_access (sd, &attr_rd, &uid, &gid,
aclp, MAX_ACL_ENTRIES)) >= 0)
if ((nentries = get_posix_access (sd, &attr_rd, &uid, &gid, aclp,
MAX_ACL_ENTRIES, &std_acl)) >= 0)
{
if (S_ISLNK (attr))
{
@ -466,8 +467,7 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr)
aclp[0].a_perm = (attr >> 6) & S_IRWXO;
if ((idx = searchace (aclp, nentries, GROUP_OBJ)) >= 0)
aclp[idx].a_perm = (attr >> 3) & S_IRWXO;
if (nentries > MIN_ACL_ENTRIES
&& (idx = searchace (aclp, nentries, CLASS_OBJ)) >= 0)
if ((idx = searchace (aclp, nentries, CLASS_OBJ)) >= 0)
aclp[idx].a_perm = (attr >> 3) & S_IRWXO;
if ((idx = searchace (aclp, nentries, OTHER_OBJ)) >= 0)
aclp[idx].a_perm = attr & S_IRWXO;
@ -477,10 +477,10 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr)
/* Overwrite ACL permissions as required by POSIX 1003.1e
draft 17. */
aclp[0].a_perm &= (attr >> 6) & S_IRWXO;
if (nentries > MIN_ACL_ENTRIES
&& (idx = searchace (aclp, nentries, CLASS_OBJ)) >= 0)
if ((idx = searchace (aclp, nentries, CLASS_OBJ)) >= 0)
aclp[idx].a_perm &= (attr >> 3) & S_IRWXO;
else if ((idx = searchace (aclp, nentries, GROUP_OBJ)) >= 0)
if (std_acl
&& (idx = searchace (aclp, nentries, GROUP_OBJ)) >= 0)
aclp[idx].a_perm &= (attr >> 3) & S_IRWXO;
if ((idx = searchace (aclp, nentries, OTHER_OBJ)) >= 0)
aclp[idx].a_perm &= attr & S_IRWXO;