This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
Re: ntsec: inheritance, sec_acl and chown
- From: Corinna Vinschen <cygwin-patches at cygwin dot com>
- To: cygwin-patches at cygwin dot com
- Date: Sun, 12 Jan 2003 12:41:14 +0100
- Subject: Re: ntsec: inheritance, sec_acl and chown
- References: <3.0.5.32.20030108223142.00833940@mail.attbi.com>
On Wed, Jan 08, 2003 at 10:31:42PM -0500, Pierre A. Humblet wrote:
> 2003/01/07 Pierre Humblet <pierre.humblet@ieee.org>
>
> * sec_acl.cc (search_ace): Use id == -1, instead of < 0, as wildcard.
> (setacl): Start the search for a matching default at the next entry.
> Invalidate the type of merged entries instead of clearing it.
> Use well_known_creator for default owner and owning group and do
> not try to merge non-default and default entries in these cases.
> (getacl): Recognize well_known_creator for default owner and group.
> (acl_worker): Improve errno settings and streamline the nontsec case.
> * security.cc (write_sd): Remove the call to set_process_privilege.
> (alloc_sd): If the owner changes, call set_process_privilege and return
> immediately on failure. Change inheritance rules: on new directories add
> inherit only allow ACEs for creator_owner, creator_group and everyone.
> Preserve all inheritances through chmod and chown calls. Introduce
> isownergroup to implement the uid == gid case, to keep the inheritance
> code simple. Do not initialize owner_sid and group_sid and stop using
> the variable psd.
Finally applied. Good work, IMHO!
Let's test this a week before releasing 1.3.19, ok?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.