ntsec: inheritance, sec_acl and chown
Corinna Vinschen
cygwin-patches@cygwin.com
Sun Jan 12 11:41:00 GMT 2003
On Wed, Jan 08, 2003 at 10:31:42PM -0500, Pierre A. Humblet wrote:
> 2003/01/07 Pierre Humblet <pierre.humblet@ieee.org>
>
> * sec_acl.cc (search_ace): Use id == -1, instead of < 0, as wildcard.
> (setacl): Start the search for a matching default at the next entry.
> Invalidate the type of merged entries instead of clearing it.
> Use well_known_creator for default owner and owning group and do
> not try to merge non-default and default entries in these cases.
> (getacl): Recognize well_known_creator for default owner and group.
> (acl_worker): Improve errno settings and streamline the nontsec case.
> * security.cc (write_sd): Remove the call to set_process_privilege.
> (alloc_sd): If the owner changes, call set_process_privilege and return
> immediately on failure. Change inheritance rules: on new directories add
> inherit only allow ACEs for creator_owner, creator_group and everyone.
> Preserve all inheritances through chmod and chown calls. Introduce
> isownergroup to implement the uid == gid case, to keep the inheritance
> code simple. Do not initialize owner_sid and group_sid and stop using
> the variable psd.
Finally applied. Good work, IMHO!
Let's test this a week before releasing 1.3.19, ok?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
More information about the Cygwin-patches
mailing list