Commit Graph

6 Commits

Author SHA1 Message Date
Corinna Vinschen 2100c6ef0d Cygwin: get/set security descriptors using FILE_OPEN_NO_RECALL
Add FILE_OPEN_NO_RECALL to NtOpenFile calls trying to fetch
or write file security descriptors so as not to recall them
from offline storage inadvertently.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2024-03-08 21:30:57 +01:00
Corinna Vinschen 971d2dffea Cygwin: get_posix_access: do not merge permissions for just created files
When creating the POSIX ACL rewrite, the code merging permissions from
everyone/group to group/user ACEs was accidentally called for newly
generated files as well.

This could result in broken permissions, if umask used unusual values
like "0100", granted permissions to everyone/group not granted to
group/user.

Make sure to skip permission merging if the file got just created and
we only want to set correct permissions for the first time.

Fixes: bc444e5aa4 ("Reapply POSIX ACL changes.")
Reported-by: Jon Turney <jon.turney@dronecode.org.uk>
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2023-07-21 21:57:44 +02:00
Corinna Vinschen 498fce80ef Cygwin: get_posix_access: Make mode_t parameter mandatory
Avoid the mistake fixed in the preceeding commit by passing
the mode_t argument by reference.  This also affects a couple
other functions calling get_posix_access in turn.

Fixes: bc444e5aa4 ("Reapply POSIX ACL changes.")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2023-02-09 21:58:44 +01:00
Corinna Vinschen 283583c5f2 Cygwin: mkdir: use correct default permissions filtered by umask
Older coreutils created directories with mode bits filtered through
umask.  Newer coreutils creates directories with full permissions,
0777 by default.

This new coreutils behaviour uncovered the fact that default ACEs for
newly created directories were not filtered by umask starting with
commit bc444e5aa4.

Fix it by applying umask on the default ACEs.

Fixes: bc444e5aa4 ("Reapply POSIX ACL change.")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2023-02-09 21:58:07 +01:00
Corinna Vinschen 2e03e5a040 Cygwin: authz: Use dedicated locks per datastructure
So far we use a single muto to guard three different datastructures
inside class authz_ctx: the authz HANDLE, the user context HANDLE
and the context cache list.  Split the single muto into three
independent SRWLOCKs and guard all datastrcutures as necessary to
avoid thread contention.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2022-08-22 14:25:05 +02:00
Corinna Vinschen 007e23d639 Cygwin: Reorganize cygwin source dir
Create subdirs and move files accordingly:

- DevDocs:  doc files
- fhandler: fhandler sources, split fhandler.cc into base.cc and null.cc
- local_includes: local include files
- scripts:  scripts called during build
- sec:      security sources

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2022-08-05 12:02:11 +02:00