Throughout drop allow_ntsec and allow_smbntsec handling.

	* environ.cc (set_ntsec): Remove.
	(set_smbntsec): Remove.
	(known): Remove ntsec and smbntsec options.
	* external.cc (check_ntsec): Return true if no filename is given.
	* mount.cc (oopts): Add "acl" and "noacl" options.  Set MOUNT_NOACL
	flag accordingly.
	(fillout_mntent): Handle MOUNT_NOACL flag.
	* path.h (enum path_types): Add PATH_NOACL.
	* security.cc (allow_ntsec): Remove.
	(allow_smbntsec): Remove.
	* security.h (allow_ntsec): Drop declaration.
	(allow_smbntsec): Drop declaration.
	* include/sys/mount.h (MOUNT_NOACL): Define.

1 files changed, 3 insertions, 4 deletions

diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc
index 4d4d0d83d..410e0b815 100644
--- a/winsup/cygwin/fhandler.cc
+++ b/winsup/cygwin/fhandler.cc
@@ -374,13 +374,12 @@ fhandler_base::fhaccess (int flags)
   else if (has_attribute (FILE_ATTRIBUTE_READONLY) && (flags & W_OK)
 	   && !pc.isdir ())
     goto eaccess_done;
-  else if (has_acls () && allow_ntsec)
+  else if (has_acls ())
     {
       res = check_file_access (pc, flags);
       goto done;
     }
-  else if (get_device () == FH_REGISTRY && allow_ntsec && open (O_RDONLY, 0)
-	   && get_handle ())
+  else if (get_device () == FH_REGISTRY && open (O_RDONLY, 0) && get_handle ())
     {
       res = check_registry_access (get_handle (), flags);
       close ();
@@ -588,7 +587,7 @@ fhandler_base::open (int flags, mode_t mode)
 	     descriptor matches.  The result is that the file gets created, but
 	     then NtCreateFile doesn't return a handle to the file and fails
 	     with STATUS_ACCESS_DENIED.  Go figure! */
-	  if (allow_ntsec && has_acls ())
+	  if (has_acls ())
 	    {
 	      set_security_attribute (mode, &sa, sd);
 	      attr.SecurityDescriptor = sa.lpSecurityDescriptor;