diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index e2f504fb4..fc87d8e5f 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,14 @@ +Tue Aug 7 16:24:00 2001 Corinna Vinschen + + * dir.cc (mkdir): Set security attributes correctly for + CreateDirectoryA () call if ntsec is on. Don't call + set_file_attributes () then. + * fhandler.cc (fhandler_base::open): Ditto for CreateFileA () call. + * path.cc (symlink): Ditto. + * security.cc (set_security_attribute): New function. + * security.h: Add declaration for `allow_ntea' and + `set_security_attribute'. + Tue Aug 7 10:54:00 2001 Corinna Vinschen * grp.cc (class grp_check): New class. Make `group_state' diff --git a/winsup/cygwin/dir.cc b/winsup/cygwin/dir.cc index 45fc011b9..022a8d663 100644 --- a/winsup/cygwin/dir.cc +++ b/winsup/cygwin/dir.cc @@ -305,6 +305,7 @@ extern "C" int mkdir (const char *dir, mode_t mode) { int res = -1; + SECURITY_ATTRIBUTES sa = sec_none_nih; path_conv real_dir (dir, PC_SYM_NOFOLLOW); @@ -318,10 +319,15 @@ mkdir (const char *dir, mode_t mode) if (! writable_directory (real_dir.get_win32 ())) goto done; - if (CreateDirectoryA (real_dir.get_win32 (), 0)) + if (allow_ntsec && real_dir.has_acls ()) + set_security_attribute (S_IFDIR | ((mode & 0777) & ~cygheap->umask), + &sa, alloca (256), 256); + + if (CreateDirectoryA (real_dir.get_win32 (), &sa)) { - set_file_attribute (real_dir.has_acls (), real_dir.get_win32 (), - S_IFDIR | ((mode & 0777) & ~cygheap->umask)); + if (!allow_ntsec && allow_ntea) + set_file_attribute (real_dir.has_acls (), real_dir.get_win32 (), + S_IFDIR | ((mode & 0777) & ~cygheap->umask)); res = 0; } else diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc index ca912cb1e..98b80b938 100644 --- a/winsup/cygwin/fhandler.cc +++ b/winsup/cygwin/fhandler.cc @@ -300,6 +300,7 @@ fhandler_base::open (int flags, mode_t mode) int file_attributes; int shared; int creation_distribution; + SECURITY_ATTRIBUTES sa = sec_none; syscall_printf ("(%s, %p)", get_win32_name (), flags); @@ -382,14 +383,20 @@ fhandler_base::open (int flags, mode_t mode) set_errno (ENOENT); goto done; } + + /* If the file should actually be created and ntsec is on, + set files attributes. */ + if (flags & O_CREAT && get_device () == FH_DISK && allow_ntsec && has_acls ()) + set_security_attribute (mode, &sa, alloca (256), 256); + x = CreateFileA (get_win32_name (), access, shared, - &sec_none, creation_distribution, + &sa, creation_distribution, file_attributes, 0); syscall_printf ("%p = CreateFileA (%s, %p, %p, %p, %p, %p, 0)", x, get_win32_name (), access, shared, - &sec_none, creation_distribution, + &sa, creation_distribution, file_attributes); if (x == INVALID_HANDLE_VALUE) @@ -401,9 +408,12 @@ fhandler_base::open (int flags, mode_t mode) goto done; } - // Attributes may be set only if a file is _really_ created. + /* Attributes may be set only if a file is _really_ created. + This code is now only used for ntea here since the files + security attributes are set in CreateFile () now. */ if (flags & O_CREAT && get_device () == FH_DISK - && GetLastError () != ERROR_ALREADY_EXISTS) + && GetLastError () != ERROR_ALREADY_EXISTS + && !allow_ntsec && allow_ntea) set_file_attribute (has_acls (), get_win32_name (), mode); namehash = hash_path_name (0, get_win32_name ()); diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index bd032d759..65c09525a 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -2395,6 +2395,7 @@ symlink (const char *topath, const char *frompath) char cwd[MAX_PATH + 1], *cp = NULL, c = 0; char w32topath[MAX_PATH + 1]; DWORD written; + SECURITY_ATTRIBUTES sa = sec_none_nih; win32_path.check (frompath, PC_SYM_NOFOLLOW); if (allow_winsymlinks && !win32_path.error) @@ -2456,7 +2457,11 @@ symlink (const char *topath, const char *frompath) } } - h = CreateFileA(win32_path, GENERIC_WRITE, 0, &sec_none_nih, + if (allow_ntsec && win32_path.has_acls ()) + set_security_attribute (S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO, + &sa, alloca (256), 256); + + h = CreateFileA(win32_path, GENERIC_WRITE, 0, &sa, CREATE_NEW, FILE_ATTRIBUTE_NORMAL, 0); if (h == INVALID_HANDLE_VALUE) __seterrno (); @@ -2499,9 +2504,10 @@ symlink (const char *topath, const char *frompath) if (success) { CloseHandle (h); - set_file_attribute (win32_path.has_acls (), - win32_path.get_win32 (), - S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO); + if (!allow_ntsec && allow_ntea) + set_file_attribute (win32_path.has_acls (), + win32_path.get_win32 (), + S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO); SetFileAttributesA (win32_path.get_win32 (), allow_winsymlinks ? FILE_ATTRIBUTE_READONLY : FILE_ATTRIBUTE_SYSTEM); diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index a1619f577..d41d0a174 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -1553,6 +1553,23 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute, return psd; } +void +set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa, + void *sd_buf, DWORD sd_buf_size) +{ + /* symlinks are anything for everyone!*/ + if ((attribute & S_IFLNK) == S_IFLNK) + attribute |= S_IRWXU | S_IRWXG | S_IRWXO; + + psa->lpSecurityDescriptor = sd_buf; + InitializeSecurityDescriptor ((PSECURITY_DESCRIPTOR)sd_buf, + SECURITY_DESCRIPTOR_REVISION); + psa->lpSecurityDescriptor = alloc_sd (geteuid (), getegid (), + cygheap->user.logsrv (), + attribute, (PSECURITY_DESCRIPTOR)sd_buf, + &sd_buf_size); +} + static int set_nt_attribute (const char *file, uid_t uid, gid_t gid, const char *logsrv, int attribute) @@ -1583,10 +1600,6 @@ set_file_attribute (int use_ntsec, const char *file, uid_t uid, gid_t gid, int attribute, const char *logsrv) { - /* symlinks are anything for everyone!*/ - if ((attribute & S_IFLNK) == S_IFLNK) - attribute |= S_IRWXU | S_IRWXG | S_IRWXO; - int ret = 0; if (use_ntsec && allow_ntsec) diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 49c41c8cb..e2060802b 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -151,6 +151,7 @@ legal_sid_type (SID_NAME_USE type) || type == SidTypeAlias || type == SidTypeWellKnownGroup; } +extern BOOL allow_ntea; extern BOOL allow_ntsec; extern BOOL allow_smbntsec; @@ -171,6 +172,9 @@ LONG __stdcall write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_ BOOL __stdcall add_access_allowed_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit); BOOL __stdcall add_access_denied_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit); +void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa, + void *sd_buf, DWORD sd_buf_size); + /* Try a subauthentication. */ HANDLE subauth (struct passwd *pw); /* Try creating a token directly. */