* fhandler.cc (fhandler_base::open): Accomodate query_write_control
query_state. (fhandler_base::fchown): New method. * fhandler.h: Declare fchown method in fhandler_base, fhandler_disk_file and fhandler_virtual. (enum query_state): Add query_write_control. * fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state to query_write_control. Only remove FILE_ATTRIBUTE_READONLY if not setting security descriptor. (fhandler_disk_file::fchown): New method. * fhandler_virtual.cc (fhandler_virtual::fchown): New method. * sec_acl.cc (setacl): Call write_sd with additional handle attribute. * security.cc (write_sd): Take handle argument. Only request owner if getting SE_RESTORE_NAME privilege failed. Only open file if NtSetSecurityObject failed or handle is NULL. (set_nt_attribute): Call write_sd with additional handle attribute. * security.h (write_sd): Declare with additional handle argument.
This commit is contained in:
@@ -443,7 +443,18 @@ fhandler_base::open (int flags, mode_t mode)
|
||||
}
|
||||
|
||||
if (query_open ())
|
||||
access = (query_open () == query_read_control ? READ_CONTROL : 0);
|
||||
switch (query_open ())
|
||||
{
|
||||
case query_null_access:
|
||||
access = 0;
|
||||
break;
|
||||
case query_read_control:
|
||||
access = READ_CONTROL;
|
||||
break;
|
||||
case query_write_control:
|
||||
access = READ_CONTROL | WRITE_OWNER | WRITE_DAC;
|
||||
break;
|
||||
}
|
||||
else if (get_major () == DEV_TAPE_MAJOR)
|
||||
access = GENERIC_READ | GENERIC_WRITE;
|
||||
else if ((flags & (O_RDONLY | O_WRONLY | O_RDWR)) == O_RDONLY)
|
||||
@@ -1411,3 +1422,10 @@ fhandler_base::fchmod (mode_t mode)
|
||||
/* By default, just succeeds. */
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
fhandler_base::fchown (__uid32_t uid, __gid32_t gid)
|
||||
{
|
||||
/* By default, just succeeds. */
|
||||
return 0;
|
||||
}
|
||||
|
Reference in New Issue
Block a user