Cygwin: get_posix_access: don't drop admin and system perms in default ACL

The permissions of entries for SYSTEM and the Administrators group
are not added to the CLASS_OBJ entry, so they don't set the class
perms to rwx all the time.

This shouldn't be done for default perms, otherwise the resulting
permissions when generating new files might be surprisingly restricted
for Admins and SYSTEM.

Fixes: bc444e5aa4ca ("Reapply POSIX ACL changes.")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

1 files changed, 0 insertions, 5 deletions

diff --git a/winsup/cygwin/sec/acl.cc b/winsup/cygwin/sec/acl.cc
index a73fae3..d68bebf 100644
--- a/winsup/cygwin/sec/acl.cc
+++ b/winsup/cygwin/sec/acl.cc
@@ -995,11 +995,6 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
 		  if (type & (USER | GROUP))
 		    {
 		      has_def_class_perm = true;
-		      /* Accommodate Windows: Never add SYSTEM and Admins to
-			 CLASS_OBJ.  Unless (implicitly) if they are the
-			 GROUP_OBJ entry. */
-		      if (ace_sid != well_known_system_sid
-			  && ace_sid != well_known_admins_sid)
 		      def_class_perm |= lacl[pos].a_perm;
 		    }
 		  /* And note the position of the DEF_GROUP_OBJ entry. */