From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <corinna@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2155)
	id 0F096385B53C; Fri, 21 Jul 2023 19:58:44 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0F096385B53C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1689969524;
	bh=Q6S1zDt3wxCI+c/POpsmpC5Iv26IcIKXzGuLi1ZNVsY=;
	h=From:To:Subject:Date:From;
	b=M1avW9Fsj/J/484TxK2HQ680JSg44EzL4BoVFEyttut+79BxUe2mMCmwcsBTmDbEU
	 XXYpmWpzfJvvgDaWHxKXTtwVsorZN7T8v6iUKUKLMbA8/jo2JlxPKIgv3sCklyZcl0
	 n+uCNeKByAT8yTzXIRkb4RHVLYZPDWJoDQegPMhQ=
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
From: Corinna Vinschen <corinna@sourceware.org>
To: cygwin-cvs@sourceware.org
Subject: [newlib-cygwin/main] Cygwin: get_posix_access: do not merge permissions for just created files
X-Act-Checkin: newlib-cygwin
X-Git-Author: Corinna Vinschen <corinna@vinschen.de>
X-Git-Refname: refs/heads/main
X-Git-Oldrev: 8b0b719d499f6025b56652d8282d5a52f3722dc4
X-Git-Newrev: 971d2dffea7848270aa9dfb5c14dcd946c8971c0
Message-Id: <20230721195844.0F096385B53C@sourceware.org>
Date: Fri, 21 Jul 2023 19:58:44 +0000 (GMT)
List-Id: <cygwin-cvs.sourceware.org>

https://sourceware.org/git/gitweb.cgi?p=3Dnewlib-cygwin.git;h=3D971d2dffea7=
848270aa9dfb5c14dcd946c8971c0

commit 971d2dffea7848270aa9dfb5c14dcd946c8971c0
Author:     Corinna Vinschen <corinna@vinschen.de>
AuthorDate: Fri Jul 21 21:49:54 2023 +0200
Commit:     Corinna Vinschen <corinna@vinschen.de>
CommitDate: Fri Jul 21 21:57:44 2023 +0200

    Cygwin: get_posix_access: do not merge permissions for just created fil=
es
   =20
    When creating the POSIX ACL rewrite, the code merging permissions from
    everyone/group to group/user ACEs was accidentally called for newly
    generated files as well.
   =20
    This could result in broken permissions, if umask used unusual values
    like "0100", granted permissions to everyone/group not granted to
    group/user.
   =20
    Make sure to skip permission merging if the file got just created and
    we only want to set correct permissions for the first time.
   =20
    Fixes: bc444e5aa4ca ("Reapply POSIX ACL changes.")
    Reported-by: Jon Turney <jon.turney@dronecode.org.uk>
    Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

Diff:
---
 winsup/cygwin/sec/acl.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/winsup/cygwin/sec/acl.cc b/winsup/cygwin/sec/acl.cc
index 2fd08ad62579..db86f9e9e023 100644
--- a/winsup/cygwin/sec/acl.cc
+++ b/winsup/cygwin/sec/acl.cc
@@ -1103,7 +1103,7 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
     pos =3D MAX_ACL_ENTRIES;
=20
   /* For old-style or non-Cygwin ACLs, check for merging permissions. */
-  if (!new_style)
+  if (!just_created && !new_style)
     for (idx =3D 0; idx < pos; ++idx)
       {
 	if (lacl[idx].a_type & (USER_OBJ | USER)