libs/newlib-cygwin
libs
/
newlib-cygwin
mirror of git://sourceware.org/git/newlib-cygwin.git
4
0
Fork 0
Code Issues Projects Releases Wiki Activity

Set GROUP_OBJ and CLASS_OBJ perms to new group perms 

* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
        set GROUP_OBJ and CLASS_OBJ perms to new group perms.  Add comment
        to explain why.
        * security.cc (set_created_file_access): Ditto.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen 2015-04-16 22:23:46 +02:00
parent ea503bf4c9
commit a69b0cef71
3 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,10 @@
2015-04-16 Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
set GROUP_OBJ and CLASS_OBJ perms to new group perms. Add comment
to explain why.
* security.cc (set_created_file_access): Ditto.
2015-04-16 Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (set_posix_access): Replace previous patch. Return

7
winsup/cygwin/fhandler_disk_file.cc
View File

@ -904,11 +904,14 @@ fhandler_disk_file::fchmod (mode_t mode)
/* Overwrite ACL permissions as required by POSIX 1003.1e
draft 17. */
aclp[0].a_perm = (mode >> 6) & S_IRWXO;
/* Deliberate deviation from POSIX 1003.1e here. We're not
writing CLASS_OBJ *or* GROUP_OBJ, but both. Otherwise we're
going to be in constant trouble with user expectations. */
if ((idx = searchace (aclp, nentries, GROUP_OBJ)) >= 0)
aclp[idx].a_perm = (mode >> 3) & S_IRWXO;
if (nentries > MIN_ACL_ENTRIES
&& (idx = searchace (aclp, nentries, CLASS_OBJ)) >= 0)
aclp[idx].a_perm = (mode >> 3) & S_IRWXO;
else
aclp[1].a_perm = (mode >> 3) & S_IRWXO;
if ((idx = searchace (aclp, nentries, OTHER_OBJ)) >= 0)
aclp[idx].a_perm = mode & S_IRWXO;
if (pc.isdir ())

7
winsup/cygwin/security.cc
View File

@ -469,11 +469,14 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr)
/* Overwrite ACL permissions as required by POSIX 1003.1e
draft 17. */
aclp[0].a_perm = ((attr & attr_rd) >> 6) & S_IRWXO;
/* Deliberate deviation from POSIX 1003.1e here. We're not
writing CLASS_OBJ *or* GROUP_OBJ, but both. Otherwise we're
going to be in constant trouble with user expectations. */
if ((idx = searchace (aclp, nentries, GROUP_OBJ)) >= 0)
aclp[idx].a_perm = ((attr & attr_rd) >> 3) & S_IRWXO;
if (nentries > MIN_ACL_ENTRIES
&& (idx = searchace (aclp, nentries, CLASS_OBJ)) >= 0)
aclp[idx].a_perm = ((attr & attr_rd) >> 3) & S_IRWXO;
else
aclp[1].a_perm = ((attr & attr_rd) >> 3) & S_IRWXO;
if ((idx = searchace (aclp, nentries, OTHER_OBJ)) >= 0)
aclp[idx].a_perm = (attr & attr_rd) & S_IRWXO;
/* Construct appropriate inherit attribute for new directories.