From 3dbe243afa103716b4f6e227087d447afdd09fad Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Fri, 25 Sep 2009 13:44:45 +0000
Subject: Fix faccessat(,0) and access() semantics.

* fhandler.h (fhandler_base::fhaccess): Add parameter.
* security.h (check_file_access, check_registry_access): Likewise.
* security.cc (check_file_access, check_registry_access)
(check_access): Implement new parameter.
* fhandler.cc (fhandler_base::fhaccess): Likewise.
(device_access_denied): Update caller.
* syscalls.cc (access, faccessat): Update callers.
* spawn.cc (find_exec, fixup): Likewise.
---
 winsup/cygwin/security.cc | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

(limited to 'winsup/cygwin/security.cc')

diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 00a8c32cd..c33be76c7 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -1,7 +1,7 @@
 /* security.cc: NT file access control functions
 
    Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
-   2006, 2007 Red Hat, Inc.
+   2006, 2007, 2008, 2009 Red Hat, Inc.
 
    Originaly written by Gunther Ebert, gunther.ebert@ixos-leipzig.de
    Completely rewritten by Corinna Vinschen <corinna@vinschen.de>
@@ -725,15 +725,16 @@ set_file_attribute (HANDLE handle, path_conv &pc,
 
 static int
 check_access (security_descriptor &sd, GENERIC_MAPPING &mapping,
-	      DWORD desired, int flags)
+	      DWORD desired, int flags, bool effective)
 {
   int ret = -1;
   BOOL status;
   DWORD granted;
   DWORD plen = sizeof (PRIVILEGE_SET) + 3 * sizeof (LUID_AND_ATTRIBUTES);
   PPRIVILEGE_SET pset = (PPRIVILEGE_SET) alloca (plen);
-  HANDLE tok = cygheap->user.issetuid () ? cygheap->user.imp_token ()
-					 : hProcImpToken;
+  HANDLE tok = ((effective && cygheap->user.issetuid ())
+		? cygheap->user.imp_token ()
+		: hProcImpToken);
 
   if (!tok && !DuplicateTokenEx (hProcToken, MAXIMUM_ALLOWED, NULL,
 				 SecurityImpersonation, TokenImpersonation,
@@ -794,7 +795,7 @@ check_access (security_descriptor &sd, GENERIC_MAPPING &mapping,
 }
 
 int
-check_file_access (path_conv &pc, int flags)
+check_file_access (path_conv &pc, int flags, bool effective)
 {
   security_descriptor sd;
   int ret = -1;
@@ -810,13 +811,13 @@ check_file_access (path_conv &pc, int flags)
   if (flags & X_OK)
     desired |= FILE_EXECUTE;
   if (!get_file_sd (NULL, pc, sd))
-    ret = check_access (sd, mapping, desired, flags);
+    ret = check_access (sd, mapping, desired, flags, effective);
   debug_printf ("flags %x, ret %d", flags, ret);
   return ret;
 }
 
 int
-check_registry_access (HANDLE hdl, int flags)
+check_registry_access (HANDLE hdl, int flags, bool effective)
 {
   security_descriptor sd;
   int ret = -1;
@@ -832,7 +833,7 @@ check_registry_access (HANDLE hdl, int flags)
   if (flags & X_OK)
     desired |= KEY_QUERY_VALUE;
   if (!get_reg_sd (hdl, sd))
-    ret = check_access (sd, mapping, desired, flags);
+    ret = check_access (sd, mapping, desired, flags, effective);
   /* As long as we can't write the registry... */
   if (flags & W_OK)
     {
-- 
cgit v1.2.3