* security.cc (alloc_sd): Don't set FILE_DELETE_CHILD for group

if S_ISVTX attribute is given.
        * dir.cc (mkdir): Allow immediate setting of S_ISUID, S_ISGID and
        S_ISVTX attribute.
        * syscalls.cc (_open): Ditto.
This commit is contained in:
Corinna Vinschen
2001-08-07 16:14:59 +00:00
parent 86fb039324
commit c0ae23dc47
4 changed files with 13 additions and 4 deletions

View File

@@ -1393,7 +1393,8 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
if (attribute & S_IXGRP)
group_allow |= FILE_GENERIC_EXECUTE;
if ((attribute & (S_IFDIR | S_IWGRP | S_IXGRP))
== (S_IFDIR | S_IWGRP | S_IXGRP))
== (S_IFDIR | S_IWGRP | S_IXGRP)
&& !(attribute & S_ISVTX))
group_allow |= FILE_DELETE_CHILD;
/* Construct allow attribute for everyone. */