From 69d7815eae1b235e4ca81bbc22293402435da2da Mon Sep 17 00:00:00 2001
From: Corinna Vinschen
Date: Tue, 8 Mar 2011 14:26:15 +0000
Subject: * fhandler.cc (fhandler_base::open): When creating a file on a filesystem supporting ACLs, create the file with WRITE_DAC access. Explain why. * fhandler_disk_file.cc (fhandler_disk_file::mkdir): Ditto for directories. * fhandler_socket.cc (fhandler_socket::bind): Ditto for sockets. * path.cc (symlink_worker): Ditto for symlinks. * security.cc (get_file_sd): Always call GetSecurityInfo for directories on XP and Server 2003. Improve comment to explain why. (set_file_attribute): Explicitely cast mode_t value to bool in call to get_file_sd. * wincap.h (wincaps::use_get_sec_info_on_dirs): New element. * wincap.cc: Implement above element throughout.
---
winsup/cygwin/security.cc | 38 ++++++++++++++++++++++++--------------
1 file changed, 24 insertions(+), 14 deletions(-)
(limited to 'winsup/cygwin/security.cc')
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 73b740c1d..6d8d6dba5 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -43,21 +43,31 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, { if (fh) { - if (justcreated) + /* Amazing but true. If you want to know if an ACE is inherited + from the parent object, you can't use the NtQuerySecurityObject + function. In the DACL returned by this functions, the + INHERITED_ACE flag is never set. Only by calling GetSecurityInfo + you get this information. + + However, this functionality is slow, and the extra information is + only required when the file has been created and the permissions + are about to be set to POSIX permissions. Therefore we only use + it in case the file just got created. In all other cases we + rather call NtQuerySecurityObject directly... + + ...except that there's a problem on 5.1 and 5.2 kernels. The + GetSecurityInfo call on a file sometimes returns with + ERROR_INVALID_ADDRESS if a former request for the SD of the + parent directory (or one of the parent directories?) used the + NtQuerySecurityObject call, rather than GetSecurityInfo as well. + As soon as all directory SDs are fetched using GetSecurityInfo, + the problem disappears. */ + if (justcreated + || (pc.isdir () && wincap.use_get_sec_info_on_dirs ())) { - /* Amazing but true. If you want to know if an ACE is inherited - from the parent object, you can't use the NtQuerySecurityObject - function. In the DACL returned by this functions, the - INHERITED_ACE flag is never set. Only by calling - GetSecurityInfo you get this information. - - This functionality is slow, and the extra information is only - required when the file has been created and the permissions - are about to be set to POSIX permissions. Therefore we only - use it in case the file just got created. In all other cases - we rather call NtQuerySecurityObject directly. 
*/ PSECURITY_DESCRIPTOR psd; - error = GetSecurityInfo (fh, SE_FILE_OBJECT, ALL_SECURITY_INFORMATION, + error = GetSecurityInfo (fh, SE_FILE_OBJECT, + ALL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &psd); if (error == ERROR_SUCCESS) { @@ -876,7 +886,7 @@ set_file_attribute (HANDLE handle, path_conv &pc, { security_descriptor sd; - if (!get_file_sd (handle, pc, sd, attribute & S_JUSTCREATED) + if (!get_file_sd (handle, pc, sd, (bool)(attribute & S_JUSTCREATED)) && alloc_sd (pc, uid, gid, attribute, sd)) ret = set_file_sd (handle, pc, sd, uid != ILLEGAL_UID || gid != ILLEGAL_GID); -- cgit v1.2.3
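Review bot: On kernels where `wincap.use_get_sec_info_on_dirs ()` is true, the widened condition in get_file_sd means every directory descriptor, not only that of a just-created object, now comes from GetSecurityInfo and so, going by the comment above it, carries INHERITED_ACE flags that the NtQuerySecurityObject path never reports. The second hunk shows set_file_attribute handing that descriptor to alloc_sd and then set_file_sd, so a permission change on an existing directory may now see inherited ACEs it did not see before; whether alloc_sd keys on the flag alone or also on S_JUSTCREATED is not visible here and is worth confirming. I would record the side effect in the new comment, e.g. `Side effect: with !justcreated, directory DACLs on these kernels also carry INHERITED_ACE; callers must not read the flag as "freshly created".` The branch taken when `error != ERROR_SUCCESS` lies outside the hunk, so it should also be checked that a GetSecurityInfo failure on a directory handle is reported to the caller rather than leaving `sd` unset.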