This is the mail archive of the
cygwin-cvs@cygwin.com
mailing list for the Cygwin project.
[newlib-cygwin] Fix merging group perms into owner perms in owner == group case
- From: Corinna Vinschen <corinna at sourceware dot org>
- To: cygwin-cvs at sourceware dot org
- Date: 16 Apr 2015 20:45:33 -0000
- Subject: [newlib-cygwin] Fix merging group perms into owner perms in owner == group case
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=e26cf1c5d71a4f63eb23a075a555868bdbe3970f
commit e26cf1c5d71a4f63eb23a075a555868bdbe3970f
Author: Corinna Vinschen <corinna@vinschen.de>
Date: Thu Apr 16 22:27:49 2015 +0200
Fix merging group perms into owner perms in owner == group case
* sec_acl.cc (set_posix_access): Move merging group perms into owner
perms in case of owner == group after mask has been computed. Take
mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 6 ++++++
winsup/cygwin/sec_acl.cc | 10 +++++-----
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index bd5ea55..2ecafa0 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,11 @@
2015-04-16 Corinna Vinschen <corinna@vinschen.de>
+ * sec_acl.cc (set_posix_access): Move merging group perms into owner
+ perms in case of owner == group after mask has been computed. Take
+ mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
+
+2015-04-16 Corinna Vinschen <corinna@vinschen.de>
+
* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
the ACCESS_ALLOWED_ACE.
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index 1855bb6..b25e9b3 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -274,11 +274,6 @@ set_posix_access (mode_t attr, uid_t uid, gid_t gid,
tmp_idx = searchace (aclbufp, nentries, def | OTHER_OBJ);
other_obj = aclbufp[tmp_idx].a_perm;
- /* Do we potentially chmod a file with owner SID == group SID? If so,
- make sure the owner perms are always >= group perms. */
- if (!def && owner_eq_group)
- aclbufp[0].a_perm |= group_obj;
-
/* ... class_obj. Create Cygwin ACE. Only the S_ISGID attribute gets
inherited. */
access = CYG_ACE_ISBITS_TO_WIN (def ? attr & S_ISGID : attr);
@@ -300,6 +295,11 @@ set_posix_access (mode_t attr, uid_t uid, gid_t gid,
inherit))
return NULL;
+ /* Do we potentially chmod a file with owner SID == group SID? If so,
+ make sure the owner perms are always >= group perms. */
+ if (!def && owner_eq_group)
+ aclbufp[0].a_perm |= group_obj & class_obj;
+
/* This loop has two runs, the first w/ check_types == (USER_OBJ | USER),
the second w/ check_types == (GROUP_OBJ | GROUP). Each run creates
first the deny, then the allow ACEs for the current types. */