JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* sec_acl.cc (aclcheck32): Check for required default entries as well.

Browse Source 
Enable check for missing CLASS_OBJ entries, now that setfacl creates
	them.
This commit is contained in:
Corinna Vinschen 2014-09-03 12:46:19 +00:00
parent ef1e66cfbf
commit e5110581dc
2 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,9 @@
2014-09-03 Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (aclcheck32): Check for required default entries as well.
Enable check for missing CLASS_OBJ entries, now that setfacl creates
them.
2014-09-02 Corinna Vinschen <corinna@vinschen.de> 2014-09-02 Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (aclsort32): Set errno to EINVAL if aclcheck32 failed. * sec_acl.cc (aclsort32): Set errno to EINVAL if aclcheck32 failed.

16
winsup/cygwin/sec_acl.cc
View File

@ -628,6 +628,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which)
bool has_other_obj = false; bool has_other_obj = false;
bool has_class_obj = false; bool has_class_obj = false;
bool has_ug_objs __attribute__ ((unused)) = false; bool has_ug_objs __attribute__ ((unused)) = false;
bool has_def_objs __attribute__ ((unused)) = false;
bool has_def_user_obj __attribute__ ((unused)) = false; bool has_def_user_obj __attribute__ ((unused)) = false;
bool has_def_group_obj = false; bool has_def_group_obj = false;
bool has_def_other_obj = false; bool has_def_other_obj = false;
@ -692,7 +693,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which)
*which = pos; *which = pos;
return USER_ERROR; return USER_ERROR;
} }
has_def_user_obj = true; has_def_objs = has_def_user_obj = true;
break; break;
case DEF_GROUP_OBJ: case DEF_GROUP_OBJ:
if (has_def_group_obj) if (has_def_group_obj)
@ -701,7 +702,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which)
*which = pos; *which = pos;
return GRP_ERROR; return GRP_ERROR;
} }
has_def_group_obj = true; has_def_objs = has_def_group_obj = true;
break; break;
case DEF_OTHER_OBJ: case DEF_OTHER_OBJ:
if (has_def_other_obj) if (has_def_other_obj)
@ -710,7 +711,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which)
*which = pos; *which = pos;
return OTHER_ERROR; return OTHER_ERROR;
} }
has_def_other_obj = true; has_def_objs = has_def_other_obj = true;
break; break;
case DEF_CLASS_OBJ: case DEF_CLASS_OBJ:
if (has_def_class_obj) if (has_def_class_obj)
@ -719,7 +720,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which)
*which = pos; *which = pos;
return CLASS_ERROR; return CLASS_ERROR;
} }
has_def_class_obj = true; has_def_objs = has_def_class_obj = true;
break; break;
case DEF_USER: case DEF_USER:
case DEF_GROUP: case DEF_GROUP:
@ -730,7 +731,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which)
*which = pos2; *which = pos2;
return DUPLICATE_ERROR; return DUPLICATE_ERROR;
} }
has_def_ug_objs = true; has_def_objs = has_def_ug_objs = true;
break; break;
default: default:
return ENTRY_ERROR; return ENTRY_ERROR;
@ -738,11 +739,10 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which)
if (!has_user_obj if (!has_user_obj
|| !has_group_obj || !has_group_obj
|| !has_other_obj || !has_other_obj
#if 0 || (has_def_objs
/* These checks are not ok yet since CLASS_OBJ isn't fully implemented. */ && (!has_def_user_obj || !has_def_group_obj || !has_def_other_obj))
|| (has_ug_objs && !has_class_obj) || (has_ug_objs && !has_class_obj)
|| (has_def_ug_objs && !has_def_class_obj) || (has_def_ug_objs && !has_def_class_obj)
#endif
) )
{ {
if (which) if (which)