if S_ISVTX attribute is given.
* dir.cc (mkdir): Allow immediate setting of S_ISUID, S_ISGID and
S_ISVTX attribute.
* syscalls.cc (_open): Ditto.
+Tue Aug 7 18:11:00 2001 Corinna Vinschen <corinna@vinschen.de>
+
+ * security.cc (alloc_sd): Don't set FILE_DELETE_CHILD for group
+ if S_ISVTX attribute is given.
+ * dir.cc (mkdir): Allow immediate setting of S_ISUID, S_ISGID and
+ S_ISVTX attribute.
+ * syscalls.cc (_open): Ditto.
+
Tue Aug 7 16:24:00 2001 Corinna Vinschen <corinna@vinschen.de>
* dir.cc (mkdir): Set security attributes correctly for
goto done;
if (allow_ntsec && real_dir.has_acls ())
- set_security_attribute (S_IFDIR | ((mode & 0777) & ~cygheap->umask),
+ set_security_attribute (S_IFDIR | ((mode & 07777) & ~cygheap->umask),
&sa, alloca (256), 256);
if (CreateDirectoryA (real_dir.get_win32 (), &sa))
{
if (!allow_ntsec && allow_ntea)
set_file_attribute (real_dir.has_acls (), real_dir.get_win32 (),
- S_IFDIR | ((mode & 0777) & ~cygheap->umask));
+ S_IFDIR | ((mode & 07777) & ~cygheap->umask));
res = 0;
}
else
if (attribute & S_IXGRP)
group_allow |= FILE_GENERIC_EXECUTE;
if ((attribute & (S_IFDIR | S_IWGRP | S_IXGRP))
- == (S_IFDIR | S_IWGRP | S_IXGRP))
+ == (S_IFDIR | S_IWGRP | S_IXGRP)
+ && !(attribute & S_ISVTX))
group_allow |= FILE_DELETE_CHILD;
/* Construct allow attribute for everyone. */
set_errno (ENMFILE);
else if ((fh = cygheap->fdtab.build_fhandler (fd, unix_path, NULL)) == NULL)
res = -1; // errno already set
- else if (!fh->open (unix_path, flags, (mode & 0777) & ~cygheap->umask))
+ else if (!fh->open (unix_path, flags, (mode & 07777) & ~cygheap->umask))
{
cygheap->fdtab.release (fd);
res = -1;
OSDN Git Service
