diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 0953c1849..4b4f06ae4 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,20 @@ +2008-07-14 Corinna Vinschen + + Throughout drop allow_ntsec and allow_smbntsec handling. + * environ.cc (set_ntsec): Remove. + (set_smbntsec): Remove. + (known): Remove ntsec and smbntsec options. + * external.cc (check_ntsec): Return true if no filename is given. + * mount.cc (oopts): Add "acl" and "noacl" options. Set MOUNT_NOACL + flag accordingly. + (fillout_mntent): Handle MOUNT_NOACL flag. + * path.h (enum path_types): Add PATH_NOACL. + * security.cc (allow_ntsec): Remove. + (allow_smbntsec): Remove. + * security.h (allow_ntsec): Drop declaration. + (allow_smbntsec): Drop declaration. + * include/sys/mount.h (MOUNT_NOACL): Define. + 2008-07-14 Corinna Vinschen * miscfuncs.cc (cygwin_strncasecmp): Fix bug which results in diff --git a/winsup/cygwin/environ.cc b/winsup/cygwin/environ.cc index ae202cf90..2a4a73614 100644 --- a/winsup/cygwin/environ.cc +++ b/winsup/cygwin/environ.cc @@ -571,18 +571,6 @@ set_proc_retry (const char *buf) child_info::retry_count = strtoul (buf, NULL, 0); } -static void -set_ntsec (const char *buf) -{ - allow_ntsec = (buf && ascii_strcasematch (buf, "yes")); -} - -static void -set_smbntsec (const char *buf) -{ - allow_smbntsec = (buf && ascii_strcasematch (buf, "yes")); -} - /* The structure below is used to set up an array which is used to parse the CYGWIN environment variable or, if enabled, options from the registry. */ @@ -615,13 +603,11 @@ static struct parse_thing {"export", {&export_settings}, justset, NULL, {{false}, {true}}}, {"forkchunk", {func: set_chunksize}, isfunc, NULL, {{0}, {0}}}, {"glob", {func: &glob_init}, isfunc, NULL, {{0}, {s: "normal"}}}, - {"ntsec", {func: set_ntsec}, isfunc, NULL, {{0}, {s: "yes"}}}, {"proc_retry", {func: set_proc_retry}, isfunc, NULL, {{0}, {5}}}, {"reset_com", {&reset_com}, justset, NULL, {{false}, {true}}}, #ifdef USE_SERVER {"server", {&allow_server}, justset, NULL, {{false}, {true}}}, #endif - {"smbntsec", {func: set_smbntsec}, isfunc, NULL, {{0}, {s: "yes"}}}, {"strip_title", {&strip_title_path}, justset, NULL, {{false}, {true}}}, {"title", {&display_title}, justset, NULL, {{false}, {true}}}, {"tty", {NULL}, set_process_state, NULL, {{0}, {PID_USETTY}}}, diff --git a/winsup/cygwin/external.cc b/winsup/cygwin/external.cc index 4b80cb786..429a2875a 100644 --- a/winsup/cygwin/external.cc +++ b/winsup/cygwin/external.cc @@ -123,9 +123,9 @@ static DWORD check_ntsec (const char *filename) { if (!filename) - return allow_ntsec; + return true; path_conv pc (filename); - return allow_ntsec && pc.has_acls (); + return pc.has_acls (); } /* Copy cygwin environment variables to the Windows environment. */ diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc index 4d4d0d83d..410e0b815 100644 --- a/winsup/cygwin/fhandler.cc +++ b/winsup/cygwin/fhandler.cc @@ -374,13 +374,12 @@ fhandler_base::fhaccess (int flags) else if (has_attribute (FILE_ATTRIBUTE_READONLY) && (flags & W_OK) && !pc.isdir ()) goto eaccess_done; - else if (has_acls () && allow_ntsec) + else if (has_acls ()) { res = check_file_access (pc, flags); goto done; } - else if (get_device () == FH_REGISTRY && allow_ntsec && open (O_RDONLY, 0) - && get_handle ()) + else if (get_device () == FH_REGISTRY && open (O_RDONLY, 0) && get_handle ()) { res = check_registry_access (get_handle (), flags); close (); @@ -588,7 +587,7 @@ fhandler_base::open (int flags, mode_t mode) descriptor matches. The result is that the file gets created, but then NtCreateFile doesn't return a handle to the file and fails with STATUS_ACCESS_DENIED. Go figure! */ - if (allow_ntsec && has_acls ()) + if (has_acls ()) { set_security_attribute (mode, &sa, sd); attr.SecurityDescriptor = sa.lpSecurityDescriptor; diff --git a/winsup/cygwin/fhandler_disk_file.cc b/winsup/cygwin/fhandler_disk_file.cc index 66f1fcc3c..d0e86e481 100644 --- a/winsup/cygwin/fhandler_disk_file.cc +++ b/winsup/cygwin/fhandler_disk_file.cc @@ -761,7 +761,7 @@ fhandler_disk_file::fchmod (mode_t mode) if (!(oret = open (O_BINARY, 0))) { /* Need WRITE_DAC|WRITE_OWNER to write ACLs. */ - if (allow_ntsec && pc.has_acls ()) + if (pc.has_acls ()) return -1; /* Otherwise FILE_WRITE_ATTRIBUTES is sufficient. */ query_open (query_write_attributes); @@ -798,13 +798,12 @@ fhandler_disk_file::fchmod (mode_t mode) goto out; } - if (allow_ntsec && pc.has_acls ()) + if (pc.has_acls ()) { if (pc.isdir ()) mode |= S_IFDIR; if (!set_file_attribute (get_handle (), pc, - ILLEGAL_UID, ILLEGAL_GID, mode) - && allow_ntsec) + ILLEGAL_UID, ILLEGAL_GID, mode)) res = 0; } @@ -823,7 +822,7 @@ fhandler_disk_file::fchmod (mode_t mode) status = NtSetInformationFile (get_handle (), &io, &fbi, sizeof fbi, FileBasicInformation); /* Correct NTFS security attributes have higher priority */ - if (!allow_ntsec || !pc.has_acls ()) + if (!pc.has_acls ()) { if (!NT_SUCCESS (status)) __seterrno_from_nt_status (status); @@ -843,7 +842,7 @@ fhandler_disk_file::fchown (__uid32_t uid, __gid32_t gid) { int oret = 0; - if (!pc.has_acls () || !allow_ntsec) + if (!pc.has_acls ()) { /* fake - if not supported, pretend we're like win95 where it just works */ @@ -887,7 +886,7 @@ fhandler_disk_file::facl (int cmd, int nentries, __aclent32_t *aclbufp) int res = -1; int oret = 0; - if (!pc.has_acls () || !allow_ntsec) + if (!pc.has_acls ()) { cant_access_acl: switch (cmd) @@ -1388,7 +1387,7 @@ fhandler_disk_file::mkdir (mode_t mode) SECURITY_ATTRIBUTES sa = sec_none_nih; security_descriptor sd; - if (allow_ntsec && has_acls ()) + if (has_acls ()) set_security_attribute (S_IFDIR | ((mode & 07777) & ~cygheap->umask), &sa, sd); diff --git a/winsup/cygwin/fhandler_socket.cc b/winsup/cygwin/fhandler_socket.cc index 6756bf513..e770a7cb0 100644 --- a/winsup/cygwin/fhandler_socket.cc +++ b/winsup/cygwin/fhandler_socket.cc @@ -882,7 +882,7 @@ fhandler_socket::bind (const struct sockaddr *name, int namelen) fattr |= FILE_ATTRIBUTE_READONLY; SECURITY_ATTRIBUTES sa = sec_none_nih; security_descriptor sd; - if (allow_ntsec && pc.has_acls ()) + if (pc.has_acls ()) set_security_attribute (mode, &sa, sd); NTSTATUS status; HANDLE fh; diff --git a/winsup/cygwin/include/sys/mount.h b/winsup/cygwin/include/sys/mount.h index d9d138a2a..ebcf8db88 100644 --- a/winsup/cygwin/include/sys/mount.h +++ b/winsup/cygwin/include/sys/mount.h @@ -30,7 +30,8 @@ enum MOUNT_DEVFS = 0x0200, /* /device "filesystem" */ MOUNT_PROC = 0x0400, /* /proc "filesystem" */ MOUNT_ENC = 0x0800, /* encode special characters */ - MOUNT_RO = 0x1000 /* read-only "filesystem" */ + MOUNT_RO = 0x1000, /* read-only "filesystem" */ + MOUNT_NOACL = 0x2000 /* support reading/writing ACLs */ }; int mount (const char *, const char *, unsigned __flags); diff --git a/winsup/cygwin/mount.cc b/winsup/cygwin/mount.cc index 3d1a8cb9a..2bc941ef4 100644 --- a/winsup/cygwin/mount.cc +++ b/winsup/cygwin/mount.cc @@ -831,7 +831,9 @@ struct opt {"notexec", MOUNT_NOTEXEC, 0}, {"cygexec", MOUNT_CYGWIN_EXEC, 0}, {"nosuid", 0, 0}, - {"managed", MOUNT_ENC, 0} + {"managed", MOUNT_ENC, 0}, + {"acl", MOUNT_NOACL, 1}, + {"noacl", MOUNT_NOACL, 0} }; static bool @@ -1353,6 +1355,9 @@ fillout_mntent (const char *native_path, const char *posix_path, unsigned flags) if (flags & MOUNT_ENC) strcat (_my_tls.locals.mnt_opts, ",managed"); + if (flags & MOUNT_NOACL) + strcat (_my_tls.locals.mnt_opts, (char *) ",noacl"); + if ((flags & MOUNT_CYGDRIVE)) /* cygdrive */ strcat (_my_tls.locals.mnt_opts, (char *) ",noumount"); diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index c69f9d88e..0e671bec7 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -516,8 +516,7 @@ fs_info::update (PUNICODE_STRING upath, HANDLE in_vol) is_nfs (RtlEqualUnicodeString (&fsname, &testname, FALSE)); is_cdrom (ffdi.DeviceType == FILE_DEVICE_CD_ROM); - has_acls ((flags () & FS_PERSISTENT_ACLS) - && (allow_smbntsec || !is_remote_drive ())); + has_acls (flags () & FS_PERSISTENT_ACLS); hasgood_inode (((flags () & FILE_PERSISTENT_ACLS) && !is_netapp ()) || is_nfs ()); /* Known file systems with buggy open calls. Further explanation @@ -1231,7 +1230,7 @@ out: if (exists () || fs.update (get_nt_native_path (), NULL)) { debug_printf ("this->path(%s), has_acls(%d)", path, fs.has_acls ()); - if (fs.has_acls () && allow_ntsec) + if (fs.has_acls ()) set_exec (0); /* We really don't know if this is executable or not here but set it to not executable since it will be figured out later by anything which cares about this. */ @@ -1785,7 +1784,7 @@ symlink_worker (const char *oldpath, const char *newpath, bool use_winsym, goto done; } } - if (allow_ntsec && win32_newpath.has_acls ()) + if (win32_newpath.has_acls ()) set_security_attribute (S_IFLNK | STD_RBITS | STD_WBITS, &sa, sd); status = NtCreateFile (&fh, DELETE | FILE_GENERIC_WRITE, diff --git a/winsup/cygwin/path.h b/winsup/cygwin/path.h index 513d7e80d..2db254e58 100644 --- a/winsup/cygwin/path.h +++ b/winsup/cygwin/path.h @@ -80,6 +80,7 @@ enum path_types PATH_CYGWIN_EXEC = MOUNT_CYGWIN_EXEC, PATH_ENC = MOUNT_ENC, PATH_RO = MOUNT_RO, + PATH_NOACL = MOUNT_NOACL, PATH_ALL_EXEC = (PATH_CYGWIN_EXEC | PATH_EXEC), PATH_NO_ACCESS_CHECK = PC_NO_ACCESS_CHECK, PATH_LNK = 0x01000000, @@ -148,7 +149,7 @@ class path_conv bool case_clash; bool isremote () const {return fs.is_remote_drive ();} - bool has_acls () const {return fs.has_acls (); } + bool has_acls () const {return !(path_flags & PATH_NOACL) && fs.has_acls (); } bool hasgood_inode () const {return fs.hasgood_inode (); } bool isgood_inode (__ino64_t ino) const; int has_symlinks () const {return path_flags & PATH_HAS_SYMLINKS;} diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 021065a32..b4c7caf2c 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -29,12 +29,6 @@ details. */ | GROUP_SECURITY_INFORMATION \ | OWNER_SECURITY_INFORMATION) -/* Set ntsec explicit as default. */ -bool allow_ntsec = true; -/* allow_smbntsec is handled exclusively in path.cc (path_conv::check). - It's defined here because of it's strong relationship to allow_ntsec. */ -bool allow_smbntsec; - LONG get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd) { @@ -310,15 +304,12 @@ int get_reg_attribute (HKEY hkey, mode_t *attribute, __uid32_t *uidret, __gid32_t *gidret) { - if (allow_ntsec) - { - security_descriptor sd; + security_descriptor sd; - if (!get_reg_sd (hkey, sd)) - { - get_info_from_sd (sd, attribute, uidret, gidret); - return 0; - } + if (!get_reg_sd (hkey, sd)) + { + get_info_from_sd (sd, attribute, uidret, gidret); + return 0; } /* The entries are already set to default values */ return -1; @@ -328,7 +319,7 @@ int get_file_attribute (HANDLE handle, path_conv &pc, mode_t *attribute, __uid32_t *uidret, __gid32_t *gidret) { - if (pc.has_acls () && allow_ntsec) + if (pc.has_acls ()) { security_descriptor sd; @@ -707,7 +698,7 @@ set_file_attribute (HANDLE handle, path_conv &pc, { int ret = -1; - if (pc.has_acls () && allow_ntsec) + if (pc.has_acls ()) { security_descriptor sd; diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 90033fe95..42e75e755 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -336,9 +336,6 @@ legal_sid_type (SID_NAME_USE type) || type == SidTypeAlias || type == SidTypeWellKnownGroup; } -extern bool allow_ntsec; -extern bool allow_smbntsec; - /* File manipulation */ int __stdcall get_file_attribute (HANDLE, path_conv &, mode_t *, __uid32_t *, __gid32_t *); diff --git a/winsup/cygwin/spawn.cc b/winsup/cygwin/spawn.cc index 2be98f2ab..f90ffbcea 100644 --- a/winsup/cygwin/spawn.cc +++ b/winsup/cygwin/spawn.cc @@ -169,7 +169,7 @@ find_exec (const char *name, path_conv& buf, const char *mywinenv, if ((suffix = perhaps_suffix (tmp, buf, err, opt)) != NULL) { - if (buf.has_acls () && allow_ntsec && check_file_access (buf, X_OK)) + if (buf.has_acls () && check_file_access (buf, X_OK)) continue; if (posix == tmp)