mirror of
git://sourceware.org/git/newlib-cygwin.git
synced 2025-02-19 23:41:28 +08:00
a8716448ce
Commit 97d0449 left a bit to be desired. First, the fact that any new-style ACL couldn't be "standard ACL" anymore was very much over the top. On one hand Admins and SYSTEM ACEs are not supposed to be masked, but on the other hand we *must* create the CLASS_OBJ because otherwise we don't have information about masking the execute perms for both groups. The ACL would also fail aclcheck. And while get_posix_access now returns the "is standard acl" flag, it hasn't been utilized by set_created_file_access. Rather, set_created_file_access has simply continued to check for nentries > MIN_ACL_ENTRIES, which led to all kinds of weird group and CLASS_OBJ perms. The new code now always manipulates CLASS_OBJ perms if a CLASS_OBJ is present, and it always manipulates group perms if the ACL has been marked as "standard" ACL. Another problem (not related to commit 97d0449) is the order get_posix_access adds missing perms. CLASS_OBJ perms are computed *before* missing GROUP_OBJ perms have been added. Thus the CLASS_OBJ perms could be too tight and led to additional, buggy DENY ACEs. Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Cygwin documentation is available on the net at https://cygwin.com You might especially be interested in https://cygwin.com/faq/faq.html#faq.programming.building-cygwin