diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2014-09-03 16:46:19 +0400 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2014-09-03 16:46:19 +0400 |
| commit | e5110581dc54f917049b2619562334e88611c1fc (patch) | |
| tree | 1451922883943c583139b3664c148e38e6ae86e3 | |
| parent | ef1e66cfbf607b3b0c04cf32bff5e2dc7c32be03 (diff) | |
* sec_acl.cc (aclcheck32): Check for required default entries as well.
Enable check for missing CLASS_OBJ entries, now that setfacl creates
them.
| -rw-r--r-- | winsup/cygwin/ChangeLog | 6 | ||||
| -rw-r--r-- | winsup/cygwin/sec_acl.cc | 16 |
2 files changed, 14 insertions, 8 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index afe851f59..34111d538 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,9 @@ +2014-09-03 Corinna Vinschen <corinna@vinschen.de> + + * sec_acl.cc (aclcheck32): Check for required default entries as well. + Enable check for missing CLASS_OBJ entries, now that setfacl creates + them. + 2014-09-02 Corinna Vinschen <corinna@vinschen.de> * sec_acl.cc (aclsort32): Set errno to EINVAL if aclcheck32 failed. diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc index fab77c99a..51f1c9964 100644 --- a/winsup/cygwin/sec_acl.cc +++ b/winsup/cygwin/sec_acl.cc @@ -628,6 +628,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which) bool has_other_obj = false; bool has_class_obj = false; bool has_ug_objs __attribute__ ((unused)) = false; + bool has_def_objs __attribute__ ((unused)) = false; bool has_def_user_obj __attribute__ ((unused)) = false; bool has_def_group_obj = false; bool has_def_other_obj = false; @@ -692,7 +693,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which) *which = pos; return USER_ERROR; } - has_def_user_obj = true; + has_def_objs = has_def_user_obj = true; break; case DEF_GROUP_OBJ: if (has_def_group_obj) @@ -701,7 +702,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which) *which = pos; return GRP_ERROR; } - has_def_group_obj = true; + has_def_objs = has_def_group_obj = true; break; case DEF_OTHER_OBJ: if (has_def_other_obj) @@ -710,7 +711,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which) *which = pos; return OTHER_ERROR; } - has_def_other_obj = true; + has_def_objs = has_def_other_obj = true; break; case DEF_CLASS_OBJ: if (has_def_class_obj) @@ -719,7 +720,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which) *which = pos; return CLASS_ERROR; } - has_def_class_obj = true; + has_def_objs = has_def_class_obj = true; break; case DEF_USER: case DEF_GROUP: @@ -730,7 +731,7 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which) *which = pos2; return DUPLICATE_ERROR; } - has_def_ug_objs = true; + has_def_objs = has_def_ug_objs = true; break; default: return ENTRY_ERROR; @@ -738,11 +739,10 @@ aclcheck32 (aclent_t *aclbufp, int nentries, int *which) if (!has_user_obj || !has_group_obj || !has_other_obj -#if 0 - /* These checks are not ok yet since CLASS_OBJ isn't fully implemented. */ + || (has_def_objs + && (!has_def_user_obj || !has_def_group_obj || !has_def_other_obj)) || (has_ug_objs && !has_class_obj) || (has_def_ug_objs && !has_def_class_obj) -#endif ) { if (which) |