From 6db85570262ee0314002d187ee7c935e58577578 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen
Date: Wed, 25 Feb 2015 11:38:48 +0000
Subject: [PATCH] * security.cc (alloc_sd): Add temporary workaround which disallows any secondary user to have more permissions than the primary group in calls to chmod. Add comment to explain why.
---
 winsup/cygwin/ChangeLog | 6 ++++++
 winsup/cygwin/security.cc | 11 ++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index e8323bb61..7a338a466 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,9 @@
+2015-02-25 Corinna Vinschen
+
+ * security.cc (alloc_sd): Add temporary workaround which disallows
+ any secondary user to have more permissions than the primary group
+ in calls to chmod. Add comment to explain why.
+
 2015-02-25 Corinna Vinschen
 
 * uinfo.cc (client_request_pwdgrp::client_request_pwdgrp): Add missing
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 4c46e05d9..c2318063e 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -1,7 +1,7 @@
 /* security.cc: NT file access control functions
 
 Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- 2008, 2009, 2010, 2011, 2012, 2013, 2014 Red Hat, Inc.
+ 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Red Hat, Inc.
 
 Originaly written by Gunther Ebert, gunther.ebert@ixos-leipzig.de
 Completely rewritten by Corinna Vinschen
@@ -776,6 +776,15 @@ alloc_sd (path_conv &pc, uid_t uid, gid_t gid, int attribute,
 inheritable ACEs are preceding non-inheritable ACEs. */
 ace->Header.AceFlags &= ~INHERITED_ACE;
 }
+ else if (uid == ILLEGAL_UID && gid == ILLEGAL_UID
+ && ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
+ /* FIXME: Temporary workaround for the problem that chmod does
+ not affect the group permissions if other users and groups
+ in the ACL have more permissions than the primary group due
+ to the CLASS_OBJ emulation. The temporary workaround is to
+ disallow any secondary ACE in the ACL more permissions than
+ the primary group when writing a new ACL via chmod. */
+ ace->Mask &= group_allow;
 /*
 * Add unrelated ACCESS_DENIED_ACE to the beginning but
 * behind the owner_deny, ACCESS_ALLOWED_ACE to the end.
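Review bot: The added condition tests `gid == ILLEGAL_UID`, a uid sentinel applied to a gid; `&& gid == ILLEGAL_GID` states the intent and stays correct if the two sentinels ever differ (assuming the tree defines `ILLEGAL_GID`, which is not visible in this hunk). The test "both ids are the sentinel" stands in for "called from chmod", and only the comment says so; naming that invariant in the comment, or passing an explicit flag, would keep another caller that leaves both ids unset from having its allowed ACEs clamped silently. Because the branch is chained with `else if`, an ACE that takes the preceding branch, whose condition lies outside the hunk, is never masked with `group_allow`, so it is worth confirming that no chmod call can reach that branch. No check on which SID the ACE names is visible here either, so whether entries for accounts that must keep access are clamped as well depends on code outside the hunk. alloc_sd begins and ends outside the hunk.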