* dtable.cc (dtable::build_fhandler_from_name): Set some fhandler

data on sockets to evaluate AF_LOCAL sockets correctly.
	(dtable::build_fhandler): Set unit number on sockets.
	* fhandler.h (fhandler_socket): Add unit number.
	(fhandler_socket::get_unit): New method.
	* fhandler_socket.cc (fhandler_socket::fhandler_socket): Set unit
	number.
	(fhandler_socket::fstat): Reorganize to return more Linux-like
	values.
	* net.cc: include ctype.h.
	(fdsock): Set unit number when building fhandler.
	* path.cc (path_conv::check): Set device type to FH_SOCKET if file
	is a AF_UNIX socket.
	(get_devn): Evaluate unit for virtual socket devices.
	(win32_device_name): Set windows path for sockets to unix_path with
	just backslashes to keep the different names.
	* syscalls.cc (fstat64): Don't override st_ino, st_dev and st_rdev
	for sockets.
	(stat_worker): Ditto.

From Pierre Humblet:

	* autoload.cc (AccessCheck): Add.
	(DuplicateToken): Add.
	* security.h (check_file_access): Declare.
	* syscalls.cc (access): Convert path to Windows, check existence
	and readonly attribute. Call check_file_access instead of acl_access.
	* security.cc (check_file_access): Create.
	* sec_acl (acl_access): Delete.
This commit is contained in:
Corinna Vinschen
2003-02-21 14:29:18 +00:00
parent d05ef21d4f
commit cf762b08cf
11 changed files with 180 additions and 85 deletions

View File

@ -1918,3 +1918,54 @@ set_file_attribute (int use_ntsec, const char *file, int attribute)
return set_file_attribute (use_ntsec, file,
myself->uid, myself->gid, attribute);
}
int
check_file_access (const char *fn, int flags)
{
int ret = -1;
char sd_buf[4096];
DWORD sd_size = sizeof sd_buf;
PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) sd_buf;
HANDLE hToken, hIToken;
BOOL status;
char pbuf[sizeof (PRIVILEGE_SET) + 3 * sizeof (LUID_AND_ATTRIBUTES)];
DWORD desired = 0, granted, plength = sizeof pbuf;
static GENERIC_MAPPING NO_COPY mapping = { FILE_GENERIC_READ,
FILE_GENERIC_WRITE,
FILE_GENERIC_EXECUTE,
FILE_ALL_ACCESS };
if (read_sd (fn, psd, &sd_size) <= 0)
goto done;
if (cygheap->user.issetuid ())
hToken = cygheap->user.token;
else if (!OpenProcessToken (hMainProc, TOKEN_DUPLICATE, &hToken))
{
__seterrno ();
goto done;
}
if (!(status = DuplicateToken (hToken, SecurityIdentification, &hIToken)))
__seterrno ();
if (hToken != cygheap->user.token)
CloseHandle (hToken);
if (!status)
goto done;
if (flags & R_OK)
desired |= FILE_READ_DATA;
if (flags & W_OK)
desired |= FILE_WRITE_DATA;
if (flags & X_OK)
desired |= FILE_EXECUTE;
if (!AccessCheck (psd, hIToken, desired, &mapping,
(PPRIVILEGE_SET) pbuf, &plength, &granted, &status))
__seterrno ();
else if (!status)
set_errno (EACCES);
else
ret = 0;
CloseHandle (hIToken);
done:
debug_printf ("flags %x, ret %d", flags, ret);
return ret;
}