diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2016-04-18 20:43:00 +0200 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2016-04-18 20:43:00 +0200 |
| commit | 97d0449325b740a9c122090f46813ec8ed91edc9 (patch) | |
| tree | 8f547b8f549eb77c04ab1c47d29e3bb472445105 /winsup/cygwin/sec_acl.cc | |
| parent | 12cc8290e85cee8258ce1857a570506344401bbe (diff) | |
| download | cygnal-97d0449325b740a9c122090f46813ec8ed91edc9.tar.gz cygnal-97d0449325b740a9c122090f46813ec8ed91edc9.tar.bz2 cygnal-97d0449325b740a9c122090f46813ec8ed91edc9.zip | |
Handle permissions a bit closer to POSIX 1003.1e
So far we tweaked ACL_GROUP_OBJ and ACL_MASK values the same way when
creating a file. We now do what POSIX requires, namely just change
ACL_MASK if it's present, otherwise ACL_GROUP_OBJ. Note that we only
do this at creation time. Chmod still tweaks both to create less
surprising results for the unsuspecting user.
Additionally make sure to take umask only into account if no ACL_MASK
value is present. That has been missed so far.
* sec_acl.cc (set_posix_access): Perform check for non-existant
default ACEs earlier. Ignore umask also if ACL_MASK is present.
Only set owner_eq_group if we're actually handling a user entry.
Mention chmod in a comment.
* security.cc (set_created_file_access): Perform group/mask
permission setting as required by POSIX 1003.1e.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diffstat (limited to 'winsup/cygwin/sec_acl.cc')
| -rw-r--r-- | winsup/cygwin/sec_acl.cc | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc index c8de174e0..8dd73b195 100644 --- a/winsup/cygwin/sec_acl.cc +++ b/winsup/cygwin/sec_acl.cc @@ -323,12 +323,12 @@ set_posix_access (mode_t attr, uid_t uid, gid_t gid, /* To check if the NULL SID deny ACE is required we need user_obj. */ tmp_idx = searchace (aclbufp, nentries, def | USER_OBJ); - user_obj = aclbufp[tmp_idx].a_perm; - /* To compute deny access masks, we need group_obj, other_obj and... */ - tmp_idx = searchace (aclbufp, nentries, def | GROUP_OBJ); /* No default entries present? */ if (tmp_idx < 0) break; + user_obj = aclbufp[tmp_idx].a_perm; + /* To compute deny access masks, we need group_obj, other_obj and... */ + tmp_idx = searchace (aclbufp, nentries, def | GROUP_OBJ); group_obj = aclbufp[tmp_idx].a_perm; tmp_idx = searchace (aclbufp, nentries, def | OTHER_OBJ); other_obj = aclbufp[tmp_idx].a_perm; @@ -800,6 +800,7 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, aclsid[pos] = well_known_null_sid; } has_class_perm = true; + standard_ACEs_only = false; class_perm = lacl[pos].a_perm; } if (ace->Header.AceFlags & SUB_CONTAINERS_AND_OBJECTS_INHERIT) @@ -867,7 +868,8 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, { type = GROUP_OBJ; lacl[1].a_id = gid = id; - owner_eq_group = true; + if (type == USER_OBJ) + owner_eq_group = true; } if (!(ace->Header.AceFlags & INHERIT_ONLY || type & ACL_DEFAULT)) { @@ -933,7 +935,8 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, with a standard ACL, one only consisting of POSIX perms, plus SYSTEM and Admins as maximum non-POSIX perms entries. If it's a standard ACL, we apply umask. That's not entirely correct, - but it's probably the best we can do. */ + but it's probably the best we can do. Chmod also wants to + know this. See there for the details. */ else if (type & (USER | GROUP) && standard_ACEs_only && ace_sid != well_known_system_sid |