This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
Re: ntsec: inheritance, sec_acl and chown
On Sun, Jan 12, 2003 at 12:41:14PM +0100, Corinna Vinschen wrote:
>On Wed, Jan 08, 2003 at 10:31:42PM -0500, Pierre A. Humblet wrote:
>> 2003/01/07 Pierre Humblet <pierre.humblet@ieee.org>
>>
>> * sec_acl.cc (search_ace): Use id == -1, instead of < 0, as wildcard.
>> (setacl): Start the search for a matching default at the next entry.
>> Invalidate the type of merged entries instead of clearing it.
>> Use well_known_creator for default owner and owning group and do
>> not try to merge non-default and default entries in these cases.
>> (getacl): Recognize well_known_creator for default owner and group.
>> (acl_worker): Improve errno settings and streamline the nontsec case.
>> * security.cc (write_sd): Remove the call to set_process_privilege.
>> (alloc_sd): If the owner changes, call set_process_privilege and return
>> immediately on failure. Change inheritance rules: on new directories add
>> inherit only allow ACEs for creator_owner, creator_group and everyone.
>> Preserve all inheritances through chmod and chown calls. Introduce
>> isownergroup to implement the uid == gid case, to keep the inheritance
>> code simple. Do not initialize owner_sid and group_sid and stop using
>> the variable psd.
>
>Finally applied. Good work, IMHO!
>
>Let's test this a week before releasing 1.3.19, ok?
AGH. If I knew that we were going to wait a week, I would have just
released 1.3.19. 1.3.18 has some serious problems that I want to
rectify.
cgf