diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2008-08-14 14:05:04 +0000 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2008-08-14 14:05:04 +0000 |
| commit | 88797e5979c906e8bb5b181e4c2511b8b79b5818 (patch) | |
| tree | 1c40f694b610a1aa5330c429febb9adc68416662 /winsup/cygwin/fhandler_socket.cc | |
| parent | 56d81795705a67bef7e1e5fa934a2109e34b316f (diff) | |
| download | cygnal-88797e5979c906e8bb5b181e4c2511b8b79b5818.tar.gz cygnal-88797e5979c906e8bb5b181e4c2511b8b79b5818.tar.bz2 cygnal-88797e5979c906e8bb5b181e4c2511b8b79b5818.zip | |
* external.cc (cygwin_internal): Call set_security_attribute with
additional path_conv argument.
* fhandler.cc (fhandler_base::open): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Never set DOS
R/O attribute when using ACLs.
(fhandler_disk_file::mkdir): Ditto. Set
security descriptor on remote dirs after creating the dir, same as in
fhandler_base::open.
* fhandler_socket.cc (fhandler_socket::bind): Ditto for remote AF_LOCAL
socket files.
* path.cc (symlink_worker): Ditto. for remote symlinks.
* security.cc (alloc_sd): Take additional path_conv argument.
Accommodate throughout. Drop setting FILE_WRITE_EA/FILE_READ_EA
flags unconditionally (was only necessary for "ntea"). Don't set
FILE_READ_ATTRIBUTES and FILE_WRITE_ATTRIBUTES unconditionally on
Samba. Add comment to explain. Drop useless setting of
STANDARD_RIGHTS_WRITE, it's in FILE_GENERIC_WRITE anyway.
Remove FILE_READ_ATTRIBUTES bit from FILE_GENERIC_EXECUTE so as not
to enforce read permissions on Samba.
(set_security_attribute): Take additional path_conv argument.
* security.h (set_security_attribute): Change prototype accordingly.
Diffstat (limited to 'winsup/cygwin/fhandler_socket.cc')
| -rw-r--r-- | winsup/cygwin/fhandler_socket.cc | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/winsup/cygwin/fhandler_socket.cc b/winsup/cygwin/fhandler_socket.cc index 176838de8..1ab5170ea 100644 --- a/winsup/cygwin/fhandler_socket.cc +++ b/winsup/cygwin/fhandler_socket.cc @@ -882,8 +882,10 @@ fhandler_socket::bind (const struct sockaddr *name, int namelen) fattr |= FILE_ATTRIBUTE_READONLY; SECURITY_ATTRIBUTES sa = sec_none_nih; security_descriptor sd; - if (pc.has_acls ()) - set_security_attribute (mode, &sa, sd); + /* See comments in fhander_base::open () for an explanation why we defer + setting security attributes on remote files. */ + if (pc.has_acls () && !pc.isremote ()) + set_security_attribute (pc, mode, &sa, sd); NTSTATUS status; HANDLE fh; OBJECT_ATTRIBUTES attr; @@ -904,6 +906,8 @@ fhandler_socket::bind (const struct sockaddr *name, int namelen) } else { + if (pc.has_acls () && pc.isremote ()) + set_file_attribute (fh, pc, ILLEGAL_UID, ILLEGAL_GID, mode); char buf[sizeof (SOCKET_COOKIE) + 80]; __small_sprintf (buf, "%s%u %c ", SOCKET_COOKIE, sin.sin_port, get_socket_type () == SOCK_STREAM ? 's' |