diff options
author | Corinna Vinschen <corinna@vinschen.de> | 2011-03-08 17:26:15 +0300 |
---|---|---|
committer | Corinna Vinschen <corinna@vinschen.de> | 2011-03-08 17:26:15 +0300 |
commit | 69d7815eae1b235e4ca81bbc22293402435da2da (patch) | |
tree | 58ca20e6dcdcc57afbf8f1199f950c621a6767fa /winsup/cygwin/path.cc | |
parent | 6777e53972bd4587dca1d740a9b9e0622d5016ba (diff) |
* fhandler.cc (fhandler_base::open): When creating a file on a
filesystem supporting ACLs, create the file with WRITE_DAC access.
Explain why.
* fhandler_disk_file.cc (fhandler_disk_file::mkdir): Ditto for
directories.
* fhandler_socket.cc (fhandler_socket::bind): Ditto for sockets.
* path.cc (symlink_worker): Ditto for symlinks.
* security.cc (get_file_sd): Always call GetSecurityInfo for directories
on XP and Server 2003. Improve comment to explain why.
(set_file_attribute): Explicitely cast mode_t value to bool in call to
get_file_sd.
* wincap.h (wincaps::use_get_sec_info_on_dirs): New element.
* wincap.cc: Implement above element throughout.
Diffstat (limited to 'winsup/cygwin/path.cc')
-rw-r--r-- | winsup/cygwin/path.cc | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index f6704fb8a..4a7c11692 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -1415,6 +1415,7 @@ symlink_worker (const char *oldpath, const char *newpath, bool use_winsym, IO_STATUS_BLOCK io; NTSTATUS status; HANDLE fh; + ULONG access = DELETE | FILE_GENERIC_WRITE; tmp_pathbuf tp; unsigned check_opt; bool mk_winsym = use_winsym; @@ -1671,8 +1672,14 @@ symlink_worker (const char *oldpath, const char *newpath, bool use_winsym, goto done; } } - status = NtCreateFile (&fh, DELETE | FILE_GENERIC_WRITE, - win32_newpath.get_object_attr (attr, sa), + else if (!isdevice && win32_newpath.has_acls ()) + /* If the filesystem supports ACLs, we will overwrite the DACL after the + call to NtCreateFile. This requires a handle with READ_CONTROL and + WRITE_DAC access, otherwise get_file_sd and set_file_sd both have to + open the file again. */ + access |= READ_CONTROL | WRITE_DAC; + + status = NtCreateFile (&fh, access, win32_newpath.get_object_attr (attr, sa), &io, NULL, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_VALID_FLAGS, isdevice ? FILE_OVERWRITE_IF : FILE_CREATE, |