* fhandler.cc (fhandler_base::open): Don't open file with WRITE_DAC

access on remote filesystem. Explain why. * fhandler_disk_file.cc (fhandler_disk_file::mkdir): Ditto for directories. * fhandler_socket.cc (fhandler_socket::bind): Ditto for sockets. * path.cc (symlink_worker): Ditto for symlinks.
2011-07-05 09:59:34 +00:00 · 2011-07-05 09:59:34 +00:00 · fcacca02dd
parent 3dce4ce653
commit fcacca02dd
5 changed files with 34 additions and 8 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,12 @@
+2011-07-05  Corinna Vinschen  <corinna@vinschen.de>
+
+	* fhandler.cc (fhandler_base::open): Don't open file with WRITE_DAC
+	access on remote filesystem.  Explain why.
+	* fhandler_disk_file.cc (fhandler_disk_file::mkdir): Ditto for
+	directories.
+	* fhandler_socket.cc (fhandler_socket::bind): Ditto for sockets.
+	* path.cc (symlink_worker): Ditto for symlinks.
+
 2011-07-04  Christopher Faylor  <me.cygwin2011@cgf.cx>

 	* environ.cc (tty_is_gone): Wrap warning at 80 characters.
--- a/winsup/cygwin/fhandler.cc
+++ b/winsup/cygwin/fhandler.cc
@ -613,11 +613,16 @@ fhandler_base::open (int flags, mode_t mode)
 	    /* If mode has no write bits set, and ACLs are not used, we set
 	       the DOS R/O attribute. */
 	    file_attributes |= FILE_ATTRIBUTE_READONLY;
-	  else if (!exists () && has_acls ())
+	  else if (!exists () && has_acls () && !isremote ())
 	    /* If we are about to create the file and the filesystem supports
 	       ACLs, we will overwrite the DACL after the call to NtCreateFile.
 	       This requires a handle with additional WRITE_DAC access,
-	       otherwise set_file_sd has to open the file again. */
+	       otherwise set_file_sd has to open the file again.
+	       FIXME: On remote NTFS shares open sometimes fails because even
+	       the creator of the file doesn't have the right to change the
+	       DACL.  I don't know what setting that is or howq to recognize
+	       such a share, so for now we don't request WRITE_DAC on remote
+	       drives. */
 	    access |= WRITE_DAC;

 	  /* The file attributes are needed for later use in, e.g. fchmod. */
--- a/winsup/cygwin/fhandler_disk_file.cc
+++ b/winsup/cygwin/fhandler_disk_file.cc
@ -1653,11 +1653,15 @@ fhandler_disk_file::mkdir (mode_t mode)
      nfs_attr->type = NF3DIR;
      nfs_attr->mode = (mode & 07777) & ~cygheap->umask;
    }
-  else if (has_acls ())
+  else if (has_acls () && !isremote ())
    /* If the filesystem supports ACLs, we will overwrite the DACL after the
       call to NtCreateFile.  This requires a handle with READ_CONTROL and
       WRITE_DAC access, otherwise get_file_sd and set_file_sd both have to
-       open the file again. */
+       open the file again.
+       FIXME: On remote NTFS shares open sometimes fails because even the
+       creator of the file doesn't have the right to change the DACL.
+       I don't know what setting that is or howq to recognize such a share,
+       so for now we don't request WRITE_DAC on remote drives. */
    access |= READ_CONTROL | WRITE_DAC;
  status = NtCreateFile (&dir, access, pc.get_object_attr (attr, sa), &io, NULL,
 			 FILE_ATTRIBUTE_DIRECTORY, FILE_SHARE_VALID_FLAGS,
--- a/winsup/cygwin/fhandler_socket.cc
+++ b/winsup/cygwin/fhandler_socket.cc
@ -970,8 +970,12 @@ fhandler_socket::bind (const struct sockaddr *name, int namelen)
      /* If the filesystem supports ACLs, we will overwrite the DACL after the
 	 call to NtCreateFile.  This requires a handle with READ_CONTROL and
 	 WRITE_DAC access, otherwise get_file_sd and set_file_sd both have to
-	 open the file again. */
-      if (pc.has_acls ())
+	 open the file again.
+	 FIXME: On remote NTFS shares open sometimes fails because even the
+	 creator of the file doesn't have the right to change the DACL.
+	 I don't know what setting that is or howq to recognize such a share,
+	 so for now we don't request WRITE_DAC on remote drives. */
+      if (pc.has_acls () && !pc.isremote ())
 	access |= READ_CONTROL | WRITE_DAC;

      status = NtCreateFile (&fh, access, pc.get_object_attr (attr, sa), &io,
--- a/winsup/cygwin/path.cc
+++ b/winsup/cygwin/path.cc
@ -1673,11 +1673,15 @@ symlink_worker (const char *oldpath, const char *newpath, bool use_winsym,
 	  goto done;
 	}
    }
-  else if (!isdevice && win32_newpath.has_acls ())
+  else if (!isdevice && win32_newpath.has_acls () && !win32_newpath.isremote ())
    /* If the filesystem supports ACLs, we will overwrite the DACL after the
       call to NtCreateFile.  This requires a handle with READ_CONTROL and
       WRITE_DAC access, otherwise get_file_sd and set_file_sd both have to
-       open the file again. */
+       open the file again.
+       FIXME: On remote NTFS shares open sometimes fails because even the
+       creator of the file doesn't have the right to change the DACL.
+       I don't know what setting that is or howq to recognize such a share,
+       so for now we don't request WRITE_DAC on remote drives. */
    access |= READ_CONTROL | WRITE_DAC;

  status = NtCreateFile (&fh, access, win32_newpath.get_object_attr (attr, sa),