* autoload.cc (NtCreateFile): Add.

* dir.cc (mkdir): Change set_file_attribute call to indicate that
	NT security isn't used.
	* fhandler.cc (fhandler_base::open_9x): New method, created from
	fhandler_base::open.
	(fhandler_base::open): Rearrange to use NtCreateFile instead of
	CreateFile.
	* fhandler.h (enum query_state): Redefine query_null_access to
	query_stat_control.  query_null_access isn't allowed in NtCreateFile.
	(fhandler_base::open_9x): Declare.
	* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
	query_stat_control first, query_read_control if that fails.
	(fhandler_disk_file::fchmod): Call enable_restore_privilege before
	trying to open for query_write_control.  Don't fall back to
	opening for query_read_control.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl):  Only request restore privilege and query
	access necessary for given cmd.
	* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
	instead of opening device here.
	* ntdll.h (NtCreateFile): Declare.
	* path.cc (symlink_worker): Change set_file_attribute call to indicate
	that NT security isn't used.
	* sec_acl.cc (getacl): Fix bracketing.
	* sec_helper.cc (enable_restore_privilege): New function.
	* security.cc (str2buf2uni_cat): New function.
	(write_sd): Don't request restore permission here.
	* security.h (set_process_privileges): Drop stale declaration.
	(str2buf2uni): Declare.
	(str2buf2uni_cat): Declare.
	(enable_restore_privilege): Declare.
	* syscalls.cc (fchown32): Return immediate success on 9x.

winsup/cygwin/security.cc

@@ -165,6 +165,16 @@ str2buf2uni (UNICODE_STRING &tgt, WCHAR *buf, const char *srcstr)
   sys_mbstowcs (buf, srcstr, tgt.MaximumLength);
 }
 
+void
+str2buf2uni_cat (UNICODE_STRING &tgt, const char *srcstr)
+{
+  DWORD len = strlen (srcstr) * sizeof (WCHAR);
+  sys_mbstowcs (tgt.Buffer + tgt.Length / sizeof (WCHAR), srcstr,
+		len + tgt.MaximumLength);
+  tgt.Length += len;
+  tgt.MaximumLength += len;
+}
+
 #if 0				/* unused */
 static void
 lsa2wchar (WCHAR *tgt, LSA_UNICODE_STRING &src, int size)
@@ -1119,38 +1129,9 @@ read_sd (const char *file, security_descriptor &sd)
 LONG
 write_sd (HANDLE fh, const char *file, security_descriptor &sd)
 {
-  /* Try turning privilege on, may not have WRITE_OWNER or WRITE_DAC access.
-     Must have privilege to set different owner, else BackupWrite misbehaves */
-  static int NO_COPY saved_res; /* 0: never, 1: failed, 2 & 3: OK */
-  int res;
-  if (!saved_res || cygheap->user.issetuid ())
-    {
-      res = 2 + set_process_privilege (SE_RESTORE_NAME, true,
-				       cygheap->user.issetuid ());
-      if (!cygheap->user.issetuid ())
-	saved_res = res;
-    }
-  else
-    res = saved_res;
-  if (res == 1)
-    {
-      BOOL dummy;
-      cygpsid owner;
-
-      if (!GetSecurityDescriptorOwner (sd, (PSID *) &owner, &dummy))
-	{
-	  __seterrno ();
-	  return -1;
-	}
-      if (owner != cygheap->user.sid ())
-	{
-	  set_errno (EPERM);
-	  return -1;
-	}
-    }
   NTSTATUS ret = STATUS_SUCCESS;
   int retry = 0;
-  res = -1;
+  int res = -1;
   for (; retry < 2; ++retry)
     {
       if (retry && (fh = CreateFile (file, WRITE_OWNER | WRITE_DAC,