diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2015-09-03 20:29:55 +0300 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2015-11-19 00:44:33 +0300 |
| commit | 645913109673c36cebf19d407a6e3e3a4a6288db (patch) | |
| tree | f972c23f4d79efcc7da83404c6eef8a690e63e3c /winsup | |
| parent | 4dc3deea8949d830c0a1442023bf1335841d5bcf (diff) | |
Fix file type mode bit handling on object security.
* fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag
in call to create_object_sd_from_attribute.
(fhandler_pty_slave::fstat): Ditto in call to get_object_attribute.
(fhandler_pty_slave::fchmod): Add an orig_mode flag and ditto for
both calls.
(fhandler_pty_master::setup): Ditto in call to
create_object_sd_from_attribute.
* security.cc (get_object_attribute): Never add S_IFCHR to mode
here. Let the caller decide.
(create_object_sd_from_attribute): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diffstat (limited to 'winsup')
| -rw-r--r-- | winsup/cygwin/ChangeLog | 13 | ||||
| -rw-r--r-- | winsup/cygwin/fhandler_tty.cc | 16 | ||||
| -rw-r--r-- | winsup/cygwin/security.cc | 7 |
3 files changed, 24 insertions, 12 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 690d5bc4b..f4238de66 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,5 +1,18 @@ 2015-11-18 Corinna Vinschen <corinna@vinschen.de> + * fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag + in call to create_object_sd_from_attribute. + (fhandler_pty_slave::fstat): Ditto in call to get_object_attribute. + (fhandler_pty_slave::fchmod): Add an orig_mode flag and ditto for + both calls. + (fhandler_pty_master::setup): Ditto in call to + create_object_sd_from_attribute. + * security.cc (get_object_attribute): Never add S_IFCHR to mode + here. Let the caller decide. + (create_object_sd_from_attribute): Ditto. + +2015-11-18 Corinna Vinschen <corinna@vinschen.de> + * security.h (authz_get_user_attribute): Declare bool. * sec_helper.cc (authz_ctx::get_user_attribute): Make bool method. Set S_IxOTH bits in returned attributes rather than S_IxUSR bits. diff --git a/winsup/cygwin/fhandler_tty.cc b/winsup/cygwin/fhandler_tty.cc index 93fb22b77..ee37ed48c 100644 --- a/winsup/cygwin/fhandler_tty.cc +++ b/winsup/cygwin/fhandler_tty.cc @@ -390,7 +390,8 @@ fhandler_pty_slave::open (int flags, mode_t) RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION); SECURITY_ATTRIBUTES sa = { sizeof (SECURITY_ATTRIBUTES), NULL, TRUE }; if (!create_object_sd_from_attribute (myself->uid, myself->gid, - S_IRUSR | S_IWUSR | S_IWGRP, sd)) + S_IFCHR | S_IRUSR | S_IWUSR | S_IWGRP, + sd)) sa.lpSecurityDescriptor = (PSECURITY_DESCRIPTOR) sd; acquire_output_mutex (INFINITE); inuse = get_ttyp ()->create_inuse (&sa); @@ -1034,6 +1035,7 @@ fhandler_pty_slave::fstat (struct stat *st) if (input_available_event) to_close = true; } + st->st_mode = S_IFCHR; if (!input_available_event || get_object_attribute (input_available_event, &st->st_uid, &st->st_gid, &st->st_mode)) @@ -1167,6 +1169,7 @@ fhandler_pty_slave::fchmod (mode_t mode) security_descriptor sd; uid_t uid; gid_t gid; + mode_t orig_mode = S_IFCHR; if (!input_available_event) { @@ -1176,8 +1179,8 @@ fhandler_pty_slave::fchmod (mode_t mode) } sd.malloc (sizeof (SECURITY_DESCRIPTOR)); RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION); - if (!get_object_attribute (input_available_event, &uid, &gid, NULL) - && !create_object_sd_from_attribute (uid, gid, mode, sd)) + if (!get_object_attribute (input_available_event, &uid, &gid, &orig_mode) + && !create_object_sd_from_attribute (uid, gid, S_IFCHR | mode, sd)) ret = fch_set_sd (sd, false); errout: if (to_close) @@ -1190,10 +1193,10 @@ fhandler_pty_slave::fchown (uid_t uid, gid_t gid) { int ret = -1; bool to_close = false; - mode_t mode = 0; + security_descriptor sd; uid_t o_uid; gid_t o_gid; - security_descriptor sd; + mode_t mode = S_IFCHR; if (uid == ILLEGAL_UID && gid == ILLEGAL_GID) return 0; @@ -1754,7 +1757,8 @@ fhandler_pty_master::setup () sd.malloc (sizeof (SECURITY_DESCRIPTOR)); RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION); if (!create_object_sd_from_attribute (myself->uid, myself->gid, - S_IRUSR | S_IWUSR | S_IWGRP, sd)) + S_IFCHR | S_IRUSR | S_IWUSR | S_IWGRP, + sd)) sa.lpSecurityDescriptor = (PSECURITY_DESCRIPTOR) sd; /* Carefully check that the input_available_event didn't already exist. diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index ac25d71c4..4e02bca2e 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -401,14 +401,9 @@ get_object_attribute (HANDLE handle, uid_t *uidret, gid_t *gidret, mode_t *attribute) { security_descriptor sd; - mode_t attr = S_IFCHR; if (get_object_sd (handle, sd)) return -1; - if (attribute) - *attribute |= S_IFCHR; - else - attribute = &attr; return get_posix_access (sd, attribute, uidret, gidret, NULL, 0) >= 0 ? 0 : -1; } @@ -417,7 +412,7 @@ int create_object_sd_from_attribute (uid_t uid, gid_t gid, mode_t attribute, security_descriptor &sd) { - return set_posix_access (S_IFCHR | attribute, uid, gid, NULL, 0, sd, false) + return set_posix_access (attribute, uid, gid, NULL, 0, sd, false) ? 0 : -1; } |