public inbox for cygwin-cvs@sourceware.org
help / color / mirror / Atom feed
From: Corinna Vinschen <corinna@sourceware.org>
To: cygwin-cvs@sourceware.org
Subject: [newlib-cygwin/main] Cygwin: mkdir: use correct default permissions filtered by umask
Date: Thu, 9 Feb 2023 21:01:33 +0000 (GMT) [thread overview]
Message-ID: <20230209210133.5DFD83858C74@sourceware.org> (raw)
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=283583c5f24000dc4a5872725d21c4313d13350f
commit 283583c5f24000dc4a5872725d21c4313d13350f
Author: Corinna Vinschen <corinna@vinschen.de>
AuthorDate: Thu Feb 9 21:25:03 2023 +0100
Commit: Corinna Vinschen <corinna@vinschen.de>
CommitDate: Thu Feb 9 21:58:07 2023 +0100
Cygwin: mkdir: use correct default permissions filtered by umask
Older coreutils created directories with mode bits filtered through
umask. Newer coreutils creates directories with full permissions,
0777 by default.
This new coreutils behaviour uncovered the fact that default ACEs for
newly created directories were not filtered by umask starting with
commit bc444e5aa4ca.
Fix it by applying umask on the default ACEs.
Fixes: bc444e5aa4ca ("Reapply POSIX ACL change.")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/release/3.4.6 | 3 +++
winsup/cygwin/sec/base.cc | 8 +++++---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/winsup/cygwin/release/3.4.6 b/winsup/cygwin/release/3.4.6
index c21c44fbf55a..f9288dc79994 100644
--- a/winsup/cygwin/release/3.4.6
+++ b/winsup/cygwin/release/3.4.6
@@ -6,3 +6,6 @@ Addresses: https://cygwin.com/pipermail/cygwin/2023-January/252916.html
Don't reject valid server and share names when mounting.
Addresses: https://cygwin.com/pipermail/cygwin/2023-January/252928.html
+
+Create directories with correctly umask-filtered default ACEs.
+Addresses: https://cygwin.com/pipermail/cygwin/2023-February/253037.html
diff --git a/winsup/cygwin/sec/base.cc b/winsup/cygwin/sec/base.cc
index dc85ca72acbe..e84bc2aee7f1 100644
--- a/winsup/cygwin/sec/base.cc
+++ b/winsup/cygwin/sec/base.cc
@@ -495,23 +495,25 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr)
S_ISGID bit is set, propagate it. */
if (S_ISDIR (attr))
{
+ mode_t def_attr = attr & ~cygheap->umask;
+
if (searchace (aclp, nentries, DEF_USER_OBJ) < 0)
{
aclp[nentries].a_type = DEF_USER_OBJ;
aclp[nentries].a_id = ILLEGAL_UID;
- aclp[nentries++].a_perm = (attr >> 6) & S_IRWXO;
+ aclp[nentries++].a_perm = (def_attr >> 6) & S_IRWXO;
}
if (searchace (aclp, nentries, DEF_GROUP_OBJ) < 0)
{
aclp[nentries].a_type = DEF_GROUP_OBJ;
aclp[nentries].a_id = ILLEGAL_GID;
- aclp[nentries++].a_perm = (attr >> 3) & S_IRWXO;
+ aclp[nentries++].a_perm = (def_attr >> 3) & S_IRWXO;
}
if (searchace (aclp, nentries, DEF_OTHER_OBJ) < 0)
{
aclp[nentries].a_type = DEF_OTHER_OBJ;
aclp[nentries].a_id = ILLEGAL_UID;
- aclp[nentries++].a_perm = attr & S_IRWXO;
+ aclp[nentries++].a_perm = def_attr & S_IRWXO;
}
if (attr_rd & S_ISGID)
attr |= S_ISGID;
reply other threads:[~2023-02-09 21:01 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230209210133.5DFD83858C74@sourceware.org \
--to=corinna@sourceware.org \
--cc=cygwin-cvs@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).