This is the mail archive of the
cygwin-cvs@cygwin.com
mailing list for the Cygwin project.
[newlib-cygwin] Use correct gid value for Microsoft Account when /etc/group is in use
- From: Corinna Vinschen <corinna at sourceware dot org>
- To: cygwin-cvs at sourceware dot org
- Date: 29 Nov 2015 19:26:59 -0000
- Subject: [newlib-cygwin] Use correct gid value for Microsoft Account when /etc/group is in use
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=47e7288769ac6e215a40e3a606c78adaebcfb266
commit 47e7288769ac6e215a40e3a606c78adaebcfb266
Author: Corinna Vinschen <corinna@vinschen.de>
Date: Sun Nov 29 20:26:48 2015 +0100
Use correct gid value for Microsoft Account when /etc/group is in use
* sec_acl.cc (get_posix_access): In case owner SID == group SID, when
encountering the group entry, change the value of `id' accordingly.
Explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 6 ++++++
winsup/cygwin/sec_acl.cc | 14 ++++++++++++--
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 8bffa81..4644d35 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,9 @@
+2015-11-29 Corinna Vinschen <corinna@vinschen.de>
+
+ * sec_acl.cc (get_posix_access): In case owner SID == group SID, when
+ encountering the group entry, change the value of `id' accordingly.
+ Explain why.
+
2015-11-28 Corinna Vinschen <corinna@vinschen.de>
* gendef (sigdelayed): Save and restore content of the MXCSR register
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index f632410..5b1705e 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -811,6 +811,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
if (owner_eq_group && !saw_group_obj)
{
type = GROUP_OBJ;
+ /* Gid and uid are not necessarily the same even if the
+ SID is the same: /etc/group is in use and the user got
+ added to /etc/group using another gid than the uid.
+ This is a border case but it happened and resetting id
+ to gid is not much of a burden. */
+ id = gid;
if (ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
saw_group_obj = true;
}
@@ -871,8 +877,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
if (saw_def_user_obj)
{
if (owner_eq_group && !saw_def_group_obj && attr & S_ISGID)
- type = GROUP_OBJ; /* This needs post-processing in the
- following GROUP_OBJ handling... */
+ {
+ /* This needs post-processing in the following GROUP_OBJ
+ handling... Set id to ILLEGAL_GID to play it safe. */
+ type = GROUP_OBJ;
+ id = ILLEGAL_GID;
+ }
else
type = USER;
}