From e445b7c33672fc8b81fabeff9e5cb795c87b87db Mon Sep 17 00:00:00 2001
From: Corinna Vinschen
Date: Wed, 15 Dec 2010 14:11:03 +0000
Subject: [PATCH] * sec_acl.cc (getacl): Ensure that the default acl contains at least DEF_(USER|GROUP|OTHER)_OBJ entries.
---
 winsup/cygwin/ChangeLog | 5 +++++
 winsup/cygwin/sec_acl.cc | 39 +++++++++++++++++++++++++++++++++------
 2 files changed, 38 insertions(+), 6 deletions(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 25a395c1c..d7e5f005d 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2010-12-15 Christian Franke
+
+ * sec_acl.cc (getacl): Ensure that the default acl contains at least
+ DEF_(USER|GROUP|OTHER)_OBJ entries.
+
 2010-12-15 Corinna Vinschen
 
 * security.cc (alloc_sd): Fix erroneous inheritence entry duplication.
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index 24f2468be..72d310e6a 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -357,11 +357,13 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp)
 else if (ace_sid == well_known_creator_group_sid)
 {
 type = GROUP_OBJ | ACL_DEFAULT;
+ types_def |= type;
 id = ILLEGAL_GID;
 }
 else if (ace_sid == well_known_creator_owner_sid)
 {
 type = USER_OBJ | ACL_DEFAULT;
+ types_def |= type;
 id = ILLEGAL_GID;
 }
 else
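Review bot: Both creator branches store `id = ILLEGAL_GID` for their DEF_USER_OBJ and DEF_GROUP_OBJ entries, while the entries this commit synthesizes for the same types further down in getacl are given `uid` and `gid`, so `a_id` of a default owner or group entry depends on where the entry came from. A caller that compares or round-trips entries by `a_id` would see two conventions. Either settle on one, or, if the value is meant to be ignored for these types, say so next to the new lines, e.g. `/* a_id of DEF_*_OBJ entries taken from a CREATOR ACE is ILLEGAL_GID; synthesized ones carry uid/gid. */`. Both branches sit in an if/else chain that starts and ends outside the hunk.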
@@ -388,13 +390,38 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp)
 getace (lacl[pos], type, id, ace->Mask, ace->Header.AceType);
 }
 }
- /* Include DEF_CLASS_OBJ if any default ace exists */
- if ((types_def & (USER|GROUP))
- && ((pos = searchace (lacl, MAX_ACL_ENTRIES, DEF_CLASS_OBJ)) >= 0))
+ if (types_def && (pos = searchace (lacl, MAX_ACL_ENTRIES, 0)) >= 0)
 {
- lacl[pos].a_type = DEF_CLASS_OBJ;
- lacl[pos].a_id = ILLEGAL_GID;
- lacl[pos].a_perm = S_IROTH | S_IWOTH | S_IXOTH;
+ /* Ensure that the default acl contains at
+ least DEF_(USER|GROUP|OTHER)_OBJ entries. */
+ if (!(types_def & USER_OBJ))
+ {
+ lacl[pos].a_type = DEF_USER_OBJ;
+ lacl[pos].a_id = uid;
+ lacl[pos].a_perm = lacl[0].a_perm;
+ pos++;
+ }
+ if (!(types_def & GROUP_OBJ) && pos < MAX_ACL_ENTRIES)
+ {
+ lacl[pos].a_type = DEF_GROUP_OBJ;
+ lacl[pos].a_id = gid;
+ lacl[pos].a_perm = lacl[1].a_perm;
+ pos++;
+ }
+ if (!(types_def & OTHER_OBJ) && pos < MAX_ACL_ENTRIES)
+ {
+ lacl[pos].a_type = DEF_OTHER_OBJ;
+ lacl[pos].a_id = ILLEGAL_GID;
+ lacl[pos].a_perm = lacl[2].a_perm;
+ pos++;
+ }
+ /* Include DEF_CLASS_OBJ if any named default ace exists. */
+ if ((types_def & (USER|GROUP)) && pos < MAX_ACL_ENTRIES)
+ {
+ lacl[pos].a_type = DEF_CLASS_OBJ;
+ lacl[pos].a_id = ILLEGAL_GID;
+ lacl[pos].a_perm = S_IROTH | S_IWOTH | S_IXOTH;
+ }
 }
 }
 if ((pos = searchace (lacl, MAX_ACL_ENTRIES, 0)) < 0)
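Review bot: The synthesized DEF_USER_OBJ, DEF_GROUP_OBJ and DEF_OTHER_OBJ entries copy their permissions from `lacl[0]`, `lacl[1]` and `lacl[2]`, and nothing in this hunk establishes that those slots hold the USER_OBJ, GROUP_OBJ and OTHER_OBJ access entries; presumably they are pre-filled in that order earlier in getacl, which starts outside the hunk. If that layout ever changes, the reported default ACL would carry the wrong permission bits, so the invariant should be stated where it is relied on, e.g. `/* lacl[0..2] are always USER_OBJ, GROUP_OBJ, OTHER_OBJ (filled in above). */`. The comment should also say that these entries are fabricated from the access ACL rather than read from inheritable ACEs, since a caller auditing the result against the DACL cannot tell the two apart. Separately, once `pos` reaches `MAX_ACL_ENTRIES` the remaining entries are dropped without any error, and the writes at `pos`, `pos + 1`, … assume every slot after the first free one returned by `searchace` is also free, so the "at least" guarantee in the new comment does not hold for a full or non-contiguous table.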