* security.cc (alloc_sd): For directories, mark inherited ACEs

inheritable to better follow POSIX 1003.1e rules.
author: Corinna Vinschen <corinna@vinschen.de> 2015-02-27 15:54:15 +0000
committer: Corinna Vinschen <corinna@vinschen.de> 2015-02-27 15:54:15 +0000
commit: 9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613 (patch)
tree: d85dc955f6afcde117646b23bcba9253ce71782a /winsup/cygwin/security.cc
parent: 83b0e8cffe7ceee8a4ecb84ed15efc09e668d84c (diff)
download: cygnal-9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613.tar.gz
cygnal-9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613.tar.bz2
cygnal-9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 6dde7d3c8..d8bab20dc 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -792,6 +792,12 @@ alloc_sd (path_conv &pc, uid_t uid, gid_t gid, int attribute,
 		 opening a file's security tab.  Explorer complains if
 		 inheritable ACEs are preceding non-inheritable ACEs. */
 	      ace->Header.AceFlags &= ~INHERITED_ACE;
+	      /* However, if the newly created object is a directory,
+	         it inherits the default ACL from its parent, so mark
+		 all unrelated, inherited ACEs inheritable. */
+	      if (S_ISDIR (attribute))
+		ace->Header.AceFlags |= CONTAINER_INHERIT_ACE
+					| OBJECT_INHERIT_ACE;
 	    }
 	  else if (uid == ILLEGAL_UID && gid == ILLEGAL_UID
 		   && ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE
author	Corinna Vinschen <corinna@vinschen.de>	2015-02-27 15:54:15 +0000
committer	Corinna Vinschen <corinna@vinschen.de>	2015-02-27 15:54:15 +0000
commit	9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613 (patch)
tree	d85dc955f6afcde117646b23bcba9253ce71782a /winsup/cygwin/security.cc
parent	83b0e8cffe7ceee8a4ecb84ed15efc09e668d84c (diff)
download	cygnal-9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613.tar.gz cygnal-9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613.tar.bz2 cygnal-9f6688dfc5be0242aa965fbb8fc29fd3f3f3e613.zip