From 88797e5979c906e8bb5b181e4c2511b8b79b5818 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Thu, 14 Aug 2008 14:05:04 +0000
Subject: 	* external.cc (cygwin_internal): Call set_security_attribute
 with 	additional path_conv argument. 	* fhandler.cc (fhandler_base::open):
 Ditto. 	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Never
 set DOS 	R/O attribute when using ACLs. 	(fhandler_disk_file::mkdir):
 Ditto.  Set 	security descriptor on remote dirs after creating the dir,
 same as in 	fhandler_base::open. 	* fhandler_socket.cc
 (fhandler_socket::bind): Ditto for remote AF_LOCAL 	socket files. 	*
 path.cc (symlink_worker): Ditto. for remote symlinks. 	* security.cc
 (alloc_sd): Take additional path_conv argument. 	Accommodate
 throughout.  Drop setting FILE_WRITE_EA/FILE_READ_EA 	flags unconditionally
 (was only necessary for "ntea"). Don't set 	FILE_READ_ATTRIBUTES and
 FILE_WRITE_ATTRIBUTES unconditionally on 	Samba.  Add comment to
 explain.  Drop useless setting of 	STANDARD_RIGHTS_WRITE, it's in
 FILE_GENERIC_WRITE anyway. 	Remove FILE_READ_ATTRIBUTES bit from
 FILE_GENERIC_EXECUTE so as not 	to enforce read permissions on Samba. 
 (set_security_attribute): Take additional path_conv argument. 	* security.h
 (set_security_attribute): Change prototype accordingly.

---
 winsup/cygwin/security.cc | 32 ++++++++++++++++++--------------
 1 file changed, 18 insertions(+), 14 deletions(-)

(limited to 'winsup/cygwin/security.cc')

diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index b4c7caf2c..5d9846abc 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -380,7 +380,7 @@ add_access_denied_ace (PACL acl, int offset, DWORD attributes,
 }
 
 static PSECURITY_DESCRIPTOR
-alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
+alloc_sd (path_conv &pc, __uid32_t uid, __gid32_t gid, int attribute,
 	  security_descriptor &sd_ret)
 {
   BOOL dummy;
@@ -462,28 +462,31 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
   size_t acl_len = sizeof (ACL);
   int ace_off = 0;
 
-  /* Construct allow attribute for owner. */
+  /* Construct allow attribute for owner.
+     Don't set FILE_READ/WRITE_ATTRIBUTES unconditionally on Samba, otherwise
+     it enforces read permissions.  Same for other's below. */
   DWORD owner_allow = STANDARD_RIGHTS_ALL
-		      | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA;
+		      | pc.fs_is_samba ()
+			? 0 : (FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES);
   if (attribute & S_IRUSR)
     owner_allow |= FILE_GENERIC_READ;
   if (attribute & S_IWUSR)
     owner_allow |= FILE_GENERIC_WRITE;
   if (attribute & S_IXUSR)
-    owner_allow |= FILE_GENERIC_EXECUTE;
+    owner_allow |= FILE_GENERIC_EXECUTE & ~FILE_READ_ATTRIBUTES;
   if (S_ISDIR (attribute)
       && (attribute & (S_IWUSR | S_IXUSR)) == (S_IWUSR | S_IXUSR))
     owner_allow |= FILE_DELETE_CHILD;
 
   /* Construct allow attribute for group. */
-  DWORD group_allow = STANDARD_RIGHTS_READ
-		      | FILE_READ_ATTRIBUTES | FILE_READ_EA;
+  DWORD group_allow = STANDARD_RIGHTS_READ |
+		      (pc.fs_is_samba () ? 0 : FILE_READ_ATTRIBUTES);
   if (attribute & S_IRGRP)
     group_allow |= FILE_GENERIC_READ;
   if (attribute & S_IWGRP)
-    group_allow |= STANDARD_RIGHTS_WRITE | FILE_GENERIC_WRITE;
+    group_allow |= FILE_GENERIC_WRITE;
   if (attribute & S_IXGRP)
-    group_allow |= FILE_GENERIC_EXECUTE;
+    group_allow |= FILE_GENERIC_EXECUTE & ~FILE_READ_ATTRIBUTES;
   if (S_ISDIR (attribute)
       && (attribute & (S_IWGRP | S_IXGRP)) == (S_IWGRP | S_IXGRP)
       && !(attribute & S_ISVTX))
@@ -491,13 +494,13 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
 
   /* Construct allow attribute for everyone. */
   DWORD other_allow = STANDARD_RIGHTS_READ
-		      | FILE_READ_ATTRIBUTES | FILE_READ_EA;
+		      | (pc.fs_is_samba () ? 0 : FILE_READ_ATTRIBUTES);
   if (attribute & S_IROTH)
     other_allow |= FILE_GENERIC_READ;
   if (attribute & S_IWOTH)
-    other_allow |= STANDARD_RIGHTS_WRITE | FILE_GENERIC_WRITE;
+    other_allow |= FILE_GENERIC_WRITE;
   if (attribute & S_IXOTH)
-    other_allow |= FILE_GENERIC_EXECUTE;
+    other_allow |= FILE_GENERIC_EXECUTE & ~FILE_READ_ATTRIBUTES;
   if (S_ISDIR (attribute)
       && (attribute & (S_IWOTH | S_IXOTH)) == (S_IWOTH | S_IXOTH)
       && !(attribute & S_ISVTX))
@@ -682,13 +685,13 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
 }
 
 void
-set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
+set_security_attribute (path_conv &pc, int attribute, PSECURITY_ATTRIBUTES psa,
 			security_descriptor &sd)
 {
   psa->lpSecurityDescriptor = sd.malloc (SECURITY_DESCRIPTOR_MIN_LENGTH);
   InitializeSecurityDescriptor ((PSECURITY_DESCRIPTOR)psa->lpSecurityDescriptor,
 				SECURITY_DESCRIPTOR_REVISION);
-  psa->lpSecurityDescriptor = alloc_sd (geteuid32 (), getegid32 (),
+  psa->lpSecurityDescriptor = alloc_sd (pc, geteuid32 (), getegid32 (),
 					attribute, sd);
 }
 
@@ -702,7 +705,8 @@ set_file_attribute (HANDLE handle, path_conv &pc,
     {
       security_descriptor sd;
 
-      if (!get_file_sd (handle, pc, sd) && alloc_sd (uid, gid, attribute, sd))
+      if (!get_file_sd (handle, pc, sd)
+	  && alloc_sd (pc, uid, gid, attribute, sd))
 	ret = set_file_sd (handle, pc, sd);
     }
   else
-- 
cgit v1.2.3