libs/newlib-cygwin
libs/newlib-cygwin
4
0
Fork 0
mirror of git://sourceware.org/git/newlib-cygwin.git synced 2025-01-18 12:29:32 +08:00
Code Issues Projects Releases Wiki Activity

* security.cc (alloc_sd): Remove DELETE bit from user's ACE if

Browse Source 
allow_traverse is set.
This commit is contained in:
Corinna Vinschen 2005-04-19 10:10:13 +00:00
parent d02099f239
commit 28f2a08860
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,8 @@
2005-04-19 Corinna Vinschen <corinna@vinschen.de>
* security.cc (alloc_sd): Remove DELETE bit from user's ACE if
allow_traverse is set.
2005-04-19 Corinna Vinschen <corinna@vinschen.de> 2005-04-19 Corinna Vinschen <corinna@vinschen.de>
* cygwin.din (pselect): Export. * cygwin.din (pselect): Export.

8
winsup/cygwin/security.cc
View File

@ -1553,6 +1553,14 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
/* Construct allow attribute for owner. */ /* Construct allow attribute for owner. */
DWORD owner_allow = STANDARD_RIGHTS_ALL DWORD owner_allow = STANDARD_RIGHTS_ALL
| FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA; | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA;
/* This has nothing to do with traverse checking in the first place, but
since traverse checking is the setting which switches to POSIX-like
permission rules, the below is all too similar. Removing the delete
bit for a file or directory results in checking the parent directories'
ACL, if the current user has the FILE_DELETE_CHILD bit set. This is
how it is on POSIX systems. */
if (allow_traverse)
owner_allow &= ~DELETE;
if (attribute & S_IRUSR) if (attribute & S_IRUSR)
owner_allow |= FILE_GENERIC_READ; owner_allow |= FILE_GENERIC_READ;
if (attribute & S_IWUSR) if (attribute & S_IWUSR)