This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

ntsec: inheritance, sec_acl and chown

From: "Pierre A. Humblet" <Pierre dot Humblet at ieee dot org>
To: cygwin-patches at cygwin dot com
Date: Wed, 08 Jan 2003 22:31:42 -0500
Subject: ntsec: inheritance, sec_acl and chown

Corinna,

here are
- a refresh of what I had sent before the holidays.
- a fix for chown

Pierre

2003/01/07  Pierre Humblet  <pierre.humblet@ieee.org>

	* sec_acl.cc (search_ace): Use id == -1, instead of < 0, as wildcard.
	(setacl): Start the search for a matching default at the next entry.
	Invalidate the type of merged entries instead of clearing it.
	Use well_known_creator for default owner and owning group and do 
	not try to merge non-default and default entries in these cases.
	(getacl): Recognize well_known_creator for default owner and group.
	(acl_worker): Improve errno settings and streamline the nontsec case.
	* security.cc (write_sd): Remove the call to set_process_privilege.
	(alloc_sd): If the owner changes, call set_process_privilege and return
	immediately on failure. Change inheritance rules: on new directories add
	inherit only allow ACEs for creator_owner, creator_group and everyone. 
	Preserve all inheritances through chmod and chown calls. Introduce 
	isownergroup to implement the uid == gid case, to keep the inheritance 
	code simple. Do not initialize owner_sid and group_sid and stop using 
	the variable psd.

Attachment: final.diff
Description: Text document

Follow-Ups:
- Re: ntsec: inheritance, sec_acl and chown
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]