diff options
| -rw-r--r-- | winsup/cygwin/ChangeLog | 6 | ||||
| -rw-r--r-- | winsup/cygwin/fhandler_disk_file.cc | 6 |
2 files changed, 12 insertions, 0 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 703a3ee14..02e616606 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,9 @@ +2009-11-08 Corinna Vinschen <corinna@vinschen.de> + + * fhandler_disk_file.cc (fhandler_base::fstat_helper): Drop all "other" + permissions from st_mode, if the reading the file's security descriptor + failed. Explain why. + 2009-11-06 Corinna Vinschen <corinna@vinschen.de> * globals.cc (ro_u_scr): New R/O unicode string. diff --git a/winsup/cygwin/fhandler_disk_file.cc b/winsup/cygwin/fhandler_disk_file.cc index 44e03d31a..e57000472 100644 --- a/winsup/cygwin/fhandler_disk_file.cc +++ b/winsup/cygwin/fhandler_disk_file.cc @@ -670,6 +670,12 @@ fhandler_base::fstat_helper (struct __stat64 *buf, /* This fakes the permissions of all files to match the current umask. */ buf->st_mode &= ~(cygheap->umask); + /* If the FS supports ACLs, we're here because we couldn't even open + the file for READ_CONTROL access. Chances are high that the file's + security descriptor has no ACE for "Everyone", so we should not fake + any access for "others". */ + if (has_acls ()) + buf->st_mode &= ~(S_IROTH | S_IWOTH | S_IXOTH); } done: |