diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2009-10-30 22:58:53 +0300 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2009-10-30 22:58:53 +0300 |
| commit | b42441d32b5a08a8d0e192535aaf7230236b2865 (patch) | |
| tree | 43e5eef49ba6368ed8932a5405ed50f6d8805489 /winsup/cygwin/fhandler_socket.cc | |
| parent | 53be6f3df61def98835a5b665064e2501986ccbd (diff) | |
* sec_helper.cc (security_descriptor::free): If sd_size is 0, call
LocalFree instead of ::free.
* sec_acl.cc: Throughout replace old ACE flag definitions with current
definitions as used in MSDN man pages.
* security.cc: Ditto.
* fhandler.cc (fhandler_base::open): Make sure file has really been
just created before fixing file permissions. Add S_JUSTCREATED
attribute to set_file_attribute call.
* fhandler_disk_file.cc (fhandler_disk_file::mkdir): Always create dir
with default security descriptor and fix descriptor afterwards.
Add S_JUSTCREATED flag to set_file_attribute call.
* fhandler_socket.cc (fhandler_socket::bind): Ditto for AF_LOCAL
socket files.
* path.cc (symlink_worker): Ditto for symlinks.
* security.cc (get_file_sd): Call GetSecurityInfo rather than
NtQuerySecurityObject. Explain why. Change error handling accordingly.
(alloc_sd): Skip non-inherited, non-standard entries in ACL if
S_JUSTCREATED attribute is set. Explain why. Minor format fixes.
* security.h (S_JUSTCREATED): New define.
(security_descriptor::operator=): New operator.
Diffstat (limited to 'winsup/cygwin/fhandler_socket.cc')
| -rw-r--r-- | winsup/cygwin/fhandler_socket.cc | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/winsup/cygwin/fhandler_socket.cc b/winsup/cygwin/fhandler_socket.cc index 5f1ab2776..a1cfce30f 100644 --- a/winsup/cygwin/fhandler_socket.cc +++ b/winsup/cygwin/fhandler_socket.cc @@ -890,15 +890,11 @@ fhandler_socket::bind (const struct sockaddr *name, int namelen) if (!(mode & (S_IWUSR | S_IWGRP | S_IWOTH))) fattr |= FILE_ATTRIBUTE_READONLY; SECURITY_ATTRIBUTES sa = sec_none_nih; - security_descriptor sd; - /* See comments in fhander_base::open () for an explanation why we defer - setting security attributes on remote files. */ - if (pc.has_acls () && !pc.isremote ()) - set_security_attribute (pc, mode, &sa, sd); NTSTATUS status; HANDLE fh; OBJECT_ATTRIBUTES attr; IO_STATUS_BLOCK io; + status = NtCreateFile (&fh, DELETE | FILE_GENERIC_WRITE, pc.get_object_attr (attr, sa), &io, NULL, fattr, FILE_SHARE_VALID_FLAGS, FILE_CREATE, @@ -915,8 +911,9 @@ fhandler_socket::bind (const struct sockaddr *name, int namelen) } else { - if (pc.has_acls () && pc.isremote ()) - set_file_attribute (fh, pc, ILLEGAL_UID, ILLEGAL_GID, mode); + if (pc.has_acls ()) + set_file_attribute (fh, pc, ILLEGAL_UID, ILLEGAL_GID, + S_JUSTCREATED | mode); char buf[sizeof (SOCKET_COOKIE) + 80]; __small_sprintf (buf, "%s%u %c ", SOCKET_COOKIE, sin.sin_port, get_socket_type () == SOCK_STREAM ? 's' |