* environ.cc (set_traverse): Remove.

(parse_thing): Drop "traverse" option.
	* path.cc (fs_info::update): Don't request SE_CHANGE_NOTIFY_PRIV
	privilege.
	* sec_helper.cc (set_cygwin_privileges): Ditto.
	* security.cc (allow_traverse): Remove.
	(alloc_sd): Drop special allow_traverse code.
	* security.h (allow_traverse): Drop declaration.
	* syscalls.cc (statvfs): Don't request SE_CHANGE_NOTIFY_PRIV privilege.

winsup/cygwin/security.cc

@@ -48,7 +48,6 @@ bool allow_ntsec;
 /* allow_smbntsec is handled exclusively in path.cc (path_conv::check).
    It's defined here because of it's strong relationship to allow_ntsec. */
 bool allow_smbntsec;
-bool allow_traverse;
 
 extern "C" void
 cygwin_set_impersonation_token (const HANDLE hToken)
@@ -1833,14 +1832,6 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
   /* Construct allow attribute for owner. */
   DWORD owner_allow = STANDARD_RIGHTS_ALL
 		      | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA;
-  /* This has nothing to do with traverse checking in the first place, but
-     since traverse checking is the setting which switches to POSIX-like
-     permission rules, the below is all too similar.  Removing the delete
-     bit for a file or directory results in checking the parent directories'
-     ACL, if the current user has the FILE_DELETE_CHILD bit set.  This is
-     how it is on POSIX systems. */
-  if (allow_traverse)
-    owner_allow &= ~DELETE;
   if (attribute & S_IRUSR)
     owner_allow |= FILE_GENERIC_READ;
   if (attribute & S_IWUSR)