authorCorinna Vinschen <corinna@vinschen.de>2010-12-15 14:11:03 +0000
committerCorinna Vinschen <corinna@vinschen.de>2010-12-15 14:11:03 +0000
commite445b7c33672fc8b81fabeff9e5cb795c87b87db (patch)
treeee303b3c63dca9603ad0e5c70256f2f27d20b111
parent38042584f3d85018bf43458fda4e4901398d65f9 (diff)
* sec_acl.cc (getacl): Ensure that the default acl contains at least
DEF_(USER|GROUP|OTHER)_OBJ entries.
-rw-r--r--winsup/cygwin/ChangeLog5
-rw-r--r--winsup/cygwin/sec_acl.cc39
2 files changed, 38 insertions, 6 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 25a395c1c..d7e5f005d 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2010-12-15 Christian Franke <franke@computer.org>
+
+ * sec_acl.cc (getacl): Ensure that the default acl contains at least
+ DEF_(USER|GROUP|OTHER)_OBJ entries.
+
2010-12-15 Corinna Vinschen <corinna@vinschen.de>
* security.cc (alloc_sd): Fix erroneous inheritence entry duplication.
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index 24f2468be..72d310e6a 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -357,11 +357,13 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp)
else if (ace_sid == well_known_creator_group_sid)
{
type = GROUP_OBJ | ACL_DEFAULT;
+ types_def |= type;
id = ILLEGAL_GID;
}
else if (ace_sid == well_known_creator_owner_sid)
{
type = USER_OBJ | ACL_DEFAULT;
+ types_def |= type;
id = ILLEGAL_GID;
}
else
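Review bot: The two branches touched here record a default USER_OBJ or GROUP_OBJ entry with `id = ILLEGAL_GID`, while the entries the later hunk synthesizes for the same types carry `uid` and `gid`. After this commit a caller therefore sees two different `a_id` values for a DEF_USER_OBJ or DEF_GROUP_OBJ entry, depending on whether it came from an ACE or was filled in. If `a_id` is meant to be ignored for these types, a comment beside the first assignment would say so, for example `/* a_id is not meaningful for *_OBJ entries */`; otherwise the two paths should agree. The surrounding if/else chain and the rest of getacl lie outside the hunk.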
@@ -388,13 +390,38 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp)
getace (lacl[pos], type, id, ace->Mask, ace->Header.AceType);
}
}
- /* Include DEF_CLASS_OBJ if any default ace exists */
- if ((types_def & (USER|GROUP))
- && ((pos = searchace (lacl, MAX_ACL_ENTRIES, DEF_CLASS_OBJ)) >= 0))
+ if (types_def && (pos = searchace (lacl, MAX_ACL_ENTRIES, 0)) >= 0)
{
- lacl[pos].a_type = DEF_CLASS_OBJ;
- lacl[pos].a_id = ILLEGAL_GID;
- lacl[pos].a_perm = S_IROTH | S_IWOTH | S_IXOTH;
+ /* Ensure that the default acl contains at
+ least DEF_(USER|GROUP|OTHER)_OBJ entries. */
+ if (!(types_def & USER_OBJ))
+ {
+ lacl[pos].a_type = DEF_USER_OBJ;
+ lacl[pos].a_id = uid;
+ lacl[pos].a_perm = lacl[0].a_perm;
+ pos++;
+ }
+ if (!(types_def & GROUP_OBJ) && pos < MAX_ACL_ENTRIES)
+ {
+ lacl[pos].a_type = DEF_GROUP_OBJ;
+ lacl[pos].a_id = gid;
+ lacl[pos].a_perm = lacl[1].a_perm;
+ pos++;
+ }
+ if (!(types_def & OTHER_OBJ) && pos < MAX_ACL_ENTRIES)
+ {
+ lacl[pos].a_type = DEF_OTHER_OBJ;
+ lacl[pos].a_id = ILLEGAL_GID;
+ lacl[pos].a_perm = lacl[2].a_perm;
+ pos++;
+ }
+ /* Include DEF_CLASS_OBJ if any named default ace exists. */
+ if ((types_def & (USER|GROUP)) && pos < MAX_ACL_ENTRIES)
+ {
+ lacl[pos].a_type = DEF_CLASS_OBJ;
+ lacl[pos].a_id = ILLEGAL_GID;
+ lacl[pos].a_perm = S_IROTH | S_IWOTH | S_IXOTH;
+ }
}
}
if ((pos = searchace (lacl, MAX_ACL_ENTRIES, 0)) < 0)
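Review bot: The fallback permissions are read from `lacl[0]`, `lacl[1]` and `lacl[2]` by fixed index, and nothing in this hunk shows that those slots hold the access USER_OBJ, GROUP_OBJ and OTHER_OBJ entries; presumably they are initialised earlier in getacl, outside the hunk. A comment above the first copy would pin the assumption, e.g. `/* lacl[0..2] are the access USER_OBJ, GROUP_OBJ, OTHER_OBJ entries */`, once confirmed against that initialisation. Separately, the `pos < MAX_ACL_ENTRIES` guards skip an entry silently when the table is full, so the returned default ACL can still lack a required entry without the caller being told; since callers may copy or audit the reported ACL, that case deserves a comment or an explicit error path. The synthesized entries also correspond to no inheritable ACE seen by the loop, which is worth stating in the block comment so readers do not take them for on-disk state.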