From c0ae23dc47de2d2ea8fa98b7cca386f0ccf24a07 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Tue, 7 Aug 2001 16:14:59 +0000
Subject:         * security.cc (alloc_sd): Don't set FILE_DELETE_CHILD for
 group         if S_ISVTX attribute is given.         * dir.cc (mkdir): Allow
 immediate setting of S_ISUID, S_ISGID and         S_ISVTX attribute.        
 * syscalls.cc (_open): Ditto.

---
 winsup/cygwin/security.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'winsup/cygwin/security.cc')

diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index d41d0a174..5a778e902 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -1393,7 +1393,8 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
   if (attribute & S_IXGRP)
     group_allow |= FILE_GENERIC_EXECUTE;
   if ((attribute & (S_IFDIR | S_IWGRP | S_IXGRP))
-      == (S_IFDIR | S_IWGRP | S_IXGRP))
+      == (S_IFDIR | S_IWGRP | S_IXGRP)
+      && !(attribute & S_ISVTX))
     group_allow |= FILE_DELETE_CHILD;
 
   /* Construct allow attribute for everyone. */
-- 
cgit v1.2.3