This is the mail archive of the
cygwin-cvs@cygwin.com
mailing list for the Cygwin project.
[newlib-cygwin] get_posix_access: Fix computation of effective user permissions
- From: Corinna Vinschen <corinna at sourceware dot org>
- To: cygwin-cvs at sourceware dot org
- Date: 18 Nov 2015 22:12:50 -0000
- Subject: [newlib-cygwin] get_posix_access: Fix computation of effective user permissions
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=a5d81afc71440ff782890abf1cf0986d724f42ac
commit a5d81afc71440ff782890abf1cf0986d724f42ac
Author: Corinna Vinschen <corinna@vinschen.de>
Date: Tue Nov 10 09:57:53 2015 +0100
get_posix_access: Fix computation of effective user permissions
* sec_acl.cc (get_posix_access): Fix computation of effective user
permissions to handle current user, not only the file owner.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 5 +++++
winsup/cygwin/sec_acl.cc | 4 ++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index f4238de..4491123 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,10 @@
2015-11-18 Corinna Vinschen <corinna@vinschen.de>
+ * sec_acl.cc (get_posix_access): Fix computation of effective user
+ permissions to handle current user, not only the file owner.
+
+2015-11-18 Corinna Vinschen <corinna@vinschen.de>
+
* fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag
in call to create_object_sd_from_attribute.
(fhandler_pty_slave::fstat): Ditto in call to get_object_attribute.
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index ec6aa7f..a9e1dea 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -1023,8 +1023,8 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
user permissions are correctly reflecting the Windows
permissions. */
if (cygheap->pg.nss_pwd_db ()
- && authz_get_user_attribute (&perm, psd, owner_sid))
- lacl[0].a_perm = perm;
+ && authz_get_user_attribute (&perm, psd, aclsid[idx]))
+ lacl[idx].a_perm = perm;
/* Otherwise we only check the current user. If the user entry
has a deny ACE, don't check. */
else if (lacl[idx].a_id == myself->uid