[newlib-cygwin] Fix merging group perms into owner perms in owner == group case

Thu, 16 Apr 2015 13:45:53 -0700 

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=e26cf1c5d71a4f63eb23a075a555868bdbe3970f

commit e26cf1c5d71a4f63eb23a075a555868bdbe3970f
Author: Corinna Vinschen <[email protected]>
Date:   Thu Apr 16 22:27:49 2015 +0200

    Fix merging group perms into owner perms in owner == group case
    
            * sec_acl.cc (set_posix_access): Move merging group perms into owner
            perms in case of owner == group after mask has been computed.  Take
            mask into account when doing so to avoid unnecessary 
ACCESS_DENIED_ACE.
    
    Signed-off-by: Corinna Vinschen <[email protected]>

Diff:
---
 winsup/cygwin/ChangeLog  |  6 ++++++
 winsup/cygwin/sec_acl.cc | 10 +++++-----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index bd5ea55..2ecafa0 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,11 @@
 2015-04-16  Corinna Vinschen  <[email protected]>
 
+       * sec_acl.cc (set_posix_access): Move merging group perms into owner
+       perms in case of owner == group after mask has been computed.  Take
+       mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
+
+2015-04-16  Corinna Vinschen  <[email protected]>
+
        * sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
        the ACCESS_ALLOWED_ACE.
 
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index 1855bb6..b25e9b3 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -274,11 +274,6 @@ set_posix_access (mode_t attr, uid_t uid, gid_t gid,
       tmp_idx = searchace (aclbufp, nentries, def | OTHER_OBJ);
       other_obj = aclbufp[tmp_idx].a_perm;
 
-      /* Do we potentially chmod a file with owner SID == group SID?  If so,
-        make sure the owner perms are always >= group perms. */
-      if (!def && owner_eq_group)
-         aclbufp[0].a_perm |= group_obj;
-
       /* ... class_obj.  Create Cygwin ACE.  Only the S_ISGID attribute gets
         inherited. */
       access = CYG_ACE_ISBITS_TO_WIN (def ? attr & S_ISGID : attr);
@@ -300,6 +295,11 @@ set_posix_access (mode_t attr, uid_t uid, gid_t gid,
                                  inherit))
        return NULL;
 
+      /* Do we potentially chmod a file with owner SID == group SID?  If so,
+        make sure the owner perms are always >= group perms. */
+      if (!def && owner_eq_group)
+         aclbufp[0].a_perm |= group_obj & class_obj;
+
       /* This loop has two runs, the first w/ check_types == (USER_OBJ | USER),
         the second w/ check_types == (GROUP_OBJ | GROUP).  Each run creates
         first the deny, then the allow ACEs for the current types. */

Reply via email to