diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2015-04-14 10:42:29 +0200 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2015-04-14 10:42:29 +0200 |
| commit | 40653522b942addc65070275c89078d15aa8b4d5 (patch) | |
| tree | 31ccffae384da91cccc7017a6745a60b714e5445 | |
| parent | cf6ff1c3216ab611b9fa4c46145b684b8d36ce1f (diff) | |
| download | cygnal-40653522b942addc65070275c89078d15aa8b4d5.tar.gz cygnal-40653522b942addc65070275c89078d15aa8b4d5.tar.bz2 cygnal-40653522b942addc65070275c89078d15aa8b4d5.zip | |
Fix thinko in creating the {DEF_}CLASS_OBJ value on old-style ACLs
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
| -rw-r--r-- | winsup/cygwin/ChangeLog | 5 | ||||
| -rw-r--r-- | winsup/cygwin/sec_acl.cc | 14 |
2 files changed, 13 insertions, 6 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index b4c251ca4..47a4b1a6a 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,8 @@ +2015-04-14 Corinna Vinschen <corinna@vinschen.de> + + * sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up + CLASS_OBJ mask on old-style ACLs. Fix a comment. + 2015-04-12 Corinna Vinschen <corinna@vinschen.de> * sec_acl.cc (set_posix_access): Always make sure Admins have diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc index 80e45a484..97fc03b2f 100644 --- a/winsup/cygwin/sec_acl.cc +++ b/winsup/cygwin/sec_acl.cc @@ -739,11 +739,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, if (!new_style) { /* Fix up CLASS_OBJ value. */ - if (type & (USER | GROUP_OBJ | GROUP)) + if (type & (USER | GROUP)) { has_class_perm = true; - /* Accommodate Windows: Never add SYSTEM and Admins - perms to CLASS_OBJ perms. */ + /* Accommodate Windows: Never add SYSTEM and Admins to + CLASS_OBJ. Unless (implicitely) if they are the + GROUP_OBJ entry. */ if (ace_sid != well_known_system_sid && ace_sid != well_known_admins_sid) class_perm |= lacl[pos].a_perm; @@ -774,11 +775,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, if (!new_style) { /* Fix up DEF_CLASS_OBJ value. */ - if (type & (USER | GROUP_OBJ | GROUP)) + if (type & (USER | GROUP)) { has_def_class_perm = true; - /* Accommodate Windows: Never add SYSTEM and Admins - perms to CLASS_OBJ perms. */ + /* Accommodate Windows: Never add SYSTEM and Admins to + CLASS_OBJ. Unless (implicitely) if they are the + GROUP_OBJ entry. */ if (ace_sid != well_known_system_sid && ace_sid != well_known_admins_sid) def_class_perm |= lacl[pos].a_perm; |