This is the mail archive of the
cygwin-cvs@cygwin.com
mailing list for the Cygwin project.
[newlib-cygwin] Fix thinko in creating the {DEF_}CLASS_OBJ value on old-style ACLs
- From: Corinna Vinschen <corinna at sourceware dot org>
- To: cygwin-cvs at sourceware dot org
- Date: 14 Apr 2015 08:42:40 -0000
- Subject: [newlib-cygwin] Fix thinko in creating the {DEF_}CLASS_OBJ value on old-style ACLs
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=40653522b942addc65070275c89078d15aa8b4d5
commit 40653522b942addc65070275c89078d15aa8b4d5
Author: Corinna Vinschen <corinna@vinschen.de>
Date: Tue Apr 14 10:42:29 2015 +0200
Fix thinko in creating the {DEF_}CLASS_OBJ value on old-style ACLs
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 5 +++++
winsup/cygwin/sec_acl.cc | 14 ++++++++------
2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index b4c251c..47a4b1a 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2015-04-14 Corinna Vinschen <corinna@vinschen.de>
+
+ * sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
+ CLASS_OBJ mask on old-style ACLs. Fix a comment.
+
2015-04-12 Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (set_posix_access): Always make sure Admins have
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index 80e45a4..97fc03b 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -739,11 +739,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
if (!new_style)
{
/* Fix up CLASS_OBJ value. */
- if (type & (USER | GROUP_OBJ | GROUP))
+ if (type & (USER | GROUP))
{
has_class_perm = true;
- /* Accommodate Windows: Never add SYSTEM and Admins
- perms to CLASS_OBJ perms. */
+ /* Accommodate Windows: Never add SYSTEM and Admins to
+ CLASS_OBJ. Unless (implicitely) if they are the
+ GROUP_OBJ entry. */
if (ace_sid != well_known_system_sid
&& ace_sid != well_known_admins_sid)
class_perm |= lacl[pos].a_perm;
@@ -774,11 +775,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
if (!new_style)
{
/* Fix up DEF_CLASS_OBJ value. */
- if (type & (USER | GROUP_OBJ | GROUP))
+ if (type & (USER | GROUP))
{
has_def_class_perm = true;
- /* Accommodate Windows: Never add SYSTEM and Admins
- perms to CLASS_OBJ perms. */
+ /* Accommodate Windows: Never add SYSTEM and Admins to
+ CLASS_OBJ. Unless (implicitely) if they are the
+ GROUP_OBJ entry. */
if (ace_sid != well_known_system_sid
&& ace_sid != well_known_admins_sid)
def_class_perm |= lacl[pos].a_perm;