diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2016-08-19 16:50:04 +0200 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2016-08-19 16:50:15 +0200 |
| commit | a8716448cecc1c09f1ee8896d1b148c5bdda8fca (patch) | |
| tree | 9520f5a9c1b9cc3541cbf260d5e5f04bae3d3844 /newlib/libc/unix/pwrite.c | |
| parent | 3e8f833df0689701b6188b975a9af7a061e910ee (diff) | |
| download | cygnal-a8716448cecc1c09f1ee8896d1b148c5bdda8fca.tar.gz cygnal-a8716448cecc1c09f1ee8896d1b148c5bdda8fca.tar.bz2 cygnal-a8716448cecc1c09f1ee8896d1b148c5bdda8fca.zip | |
Simplify "Windows-standard-like" permissions
Commit 97d0449 left a bit to be desired. First, the fact that any
new-style ACL couldn't be "standard ACL" anymore was very much over
the top. On one hand Admins and SYSTEM ACEs are not supposed to be
masked, but on the other hand we *must* create the CLASS_OBJ
because otherwise we don't have information about masking the
execute perms for both groups. The ACL would also fail aclcheck.
And while get_posix_access now returns the "is standard acl" flag,
it hasn't been utilized by set_created_file_access. Rather,
set_created_file_access has simply continued to check for
nentries > MIN_ACL_ENTRIES, which led to all kinds of weird group
and CLASS_OBJ perms. The new code now always manipulates CLASS_OBJ
perms if a CLASS_OBJ is present, and it always manipulates group perms
if the ACL has been marked as "standard" ACL.
Another problem (not related to commit 97d0449) is the order
get_posix_access adds missing perms. CLASS_OBJ perms are computed
*before* missing GROUP_OBJ perms have been added. Thus the CLASS_OBJ
perms could be too tight and led to additional, buggy DENY ACEs.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diffstat (limited to 'newlib/libc/unix/pwrite.c')
0 files changed, 0 insertions, 0 deletions