diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2011-03-08 17:26:15 +0300 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2011-03-08 17:26:15 +0300 |
| commit | 69d7815eae1b235e4ca81bbc22293402435da2da (patch) | |
| tree | 58ca20e6dcdcc57afbf8f1199f950c621a6767fa /winsup/cygwin/security.cc | |
| parent | 6777e53972bd4587dca1d740a9b9e0622d5016ba (diff) | |
* fhandler.cc (fhandler_base::open): When creating a file on a
filesystem supporting ACLs, create the file with WRITE_DAC access.
Explain why.
* fhandler_disk_file.cc (fhandler_disk_file::mkdir): Ditto for
directories.
* fhandler_socket.cc (fhandler_socket::bind): Ditto for sockets.
* path.cc (symlink_worker): Ditto for symlinks.
* security.cc (get_file_sd): Always call GetSecurityInfo for directories
on XP and Server 2003. Improve comment to explain why.
(set_file_attribute): Explicitely cast mode_t value to bool in call to
get_file_sd.
* wincap.h (wincaps::use_get_sec_info_on_dirs): New element.
* wincap.cc: Implement above element throughout.
Diffstat (limited to 'winsup/cygwin/security.cc')
| -rw-r--r-- | winsup/cygwin/security.cc | 38 |
1 files changed, 24 insertions, 14 deletions
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 73b740c1d..6d8d6dba5 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -43,21 +43,31 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, { if (fh) { - if (justcreated) + /* Amazing but true. If you want to know if an ACE is inherited + from the parent object, you can't use the NtQuerySecurityObject + function. In the DACL returned by this functions, the + INHERITED_ACE flag is never set. Only by calling GetSecurityInfo + you get this information. + + However, this functionality is slow, and the extra information is + only required when the file has been created and the permissions + are about to be set to POSIX permissions. Therefore we only use + it in case the file just got created. In all other cases we + rather call NtQuerySecurityObject directly... + + ...except that there's a problem on 5.1 and 5.2 kernels. The + GetSecurityInfo call on a file sometimes returns with + ERROR_INVALID_ADDRESS if a former request for the SD of the + parent directory (or one of the parent directories?) used the + NtQuerySecurityObject call, rather than GetSecurityInfo as well. + As soon as all directory SDs are fetched using GetSecurityInfo, + the problem disappears. */ + if (justcreated + || (pc.isdir () && wincap.use_get_sec_info_on_dirs ())) { - /* Amazing but true. If you want to know if an ACE is inherited - from the parent object, you can't use the NtQuerySecurityObject - function. In the DACL returned by this functions, the - INHERITED_ACE flag is never set. Only by calling - GetSecurityInfo you get this information. - - This functionality is slow, and the extra information is only - required when the file has been created and the permissions - are about to be set to POSIX permissions. Therefore we only - use it in case the file just got created. In all other cases - we rather call NtQuerySecurityObject directly. */ PSECURITY_DESCRIPTOR psd; - error = GetSecurityInfo (fh, SE_FILE_OBJECT, ALL_SECURITY_INFORMATION, + error = GetSecurityInfo (fh, SE_FILE_OBJECT, + ALL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &psd); if (error == ERROR_SUCCESS) { @@ -876,7 +886,7 @@ set_file_attribute (HANDLE handle, path_conv &pc, { security_descriptor sd; - if (!get_file_sd (handle, pc, sd, attribute & S_JUSTCREATED) + if (!get_file_sd (handle, pc, sd, (bool)(attribute & S_JUSTCREATED)) && alloc_sd (pc, uid, gid, attribute, sd)) ret = set_file_sd (handle, pc, sd, uid != ILLEGAL_UID || gid != ILLEGAL_GID); |