diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2000-03-16 19:35:18 +0000 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2000-03-16 19:35:18 +0000 |
| commit | 5d4af61e5d20cb18f7b3276f4af080e2e0c9c619 (patch) | |
| tree | 1f59bb15ee8cd13432c9eaf4810fd5563a7032aa /winsup | |
| parent | 6bc4ac717b435a6dc491ffc6f942dfd84c59232a (diff) | |
| download | newlib-5d4af61e5d20cb18f7b3276f4af080e2e0c9c619.zip newlib-5d4af61e5d20cb18f7b3276f4af080e2e0c9c619.tar.gz newlib-5d4af61e5d20cb18f7b3276f4af080e2e0c9c619.tar.bz2 | |
* security.cc (set_process_privileges): Removed `static'.
(get_nt_attribute): Returns uid and gid additionally. Removed call
to set_process_privileges().
(get_file_attribute): Returns uid and gid additionally. Don't
call ntea if ntsec is ON.
(set_nt_attribute): Removed call to set_process_privileges().
Don't call ntea if ntsec is ON.
(acl): Removed call to set_process_privileges().
* dcrt0.cc (dll_crt0_1): Calls set_process_privileges() now.
* winsup.h: New prototype for set_process_privileges(),
changed prototype for get_file_attribute().
* fhandler.cc (get_file_owner): Discarded.
(get_file_group): Ditto.
(fhandler_disk_file::fstat): Discard calls to get_file_owner() and
get_file_group().
* path.cc (path_conv::path_conv): Added debugging output for result
of GetVolumeInformation().
(mount_info::conv_to_win32_path): Call backslashify() with pathbuf
instead of src_path.
* syscalls.cc (chown): Reformatted.
(chmod): Replace get_file_owner() and get_file_group() calls
by a call to get_file_attribute(). Discard local variable has_acls.
Slightly reformatted.
(stat_worker): Replaced idiot's (it's me) root dir check by call
to rootdir(). Don't call num_entries() on remote drives.
Discard local variable has_acls.
Diffstat (limited to 'winsup')
| -rw-r--r-- | winsup/cygwin/ChangeLog | 29 | ||||
| -rw-r--r-- | winsup/cygwin/dcrt0.cc | 4 | ||||
| -rw-r--r-- | winsup/cygwin/fhandler.cc | 56 | ||||
| -rw-r--r-- | winsup/cygwin/path.cc | 16 | ||||
| -rw-r--r-- | winsup/cygwin/security.cc | 81 | ||||
| -rw-r--r-- | winsup/cygwin/syscalls.cc | 53 | ||||
| -rw-r--r-- | winsup/cygwin/winsup.h | 4 |
7 files changed, 123 insertions, 120 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 3b1b448..8ac9807 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,32 @@ +Thu Mar 16 14:15:00 2000 Corinna Vinschen <corinna@vinschen.de> + + * security.cc (set_process_privileges): Removed `static'. + (get_nt_attribute): Returns uid and gid additionally. Removed call + to set_process_privileges(). + (get_file_attribute): Returns uid and gid additionally. Don't + call ntea if ntsec is ON. + (set_nt_attribute): Removed call to set_process_privileges(). + Don't call ntea if ntsec is ON. + (acl): Removed call to set_process_privileges(). + * dcrt0.cc (dll_crt0_1): Calls set_process_privileges() now. + * winsup.h: New prototype for set_process_privileges(), + changed prototype for get_file_attribute(). + * fhandler.cc (get_file_owner): Discarded. + (get_file_group): Ditto. + (fhandler_disk_file::fstat): Discard calls to get_file_owner() and + get_file_group(). + * path.cc (path_conv::path_conv): Added debugging output for result + of GetVolumeInformation(). + (mount_info::conv_to_win32_path): Call backslashify() with pathbuf + instead of src_path. + * syscalls.cc (chown): Reformatted. + (chmod): Replace get_file_owner() and get_file_group() calls + by a call to get_file_attribute(). Discard local variable has_acls. + Slightly reformatted. + (stat_worker): Replaced idiot's (it's me) root dir check by call + to rootdir(). Don't call num_entries() on remote drives. + Discard local variable has_acls. + Wed Mar 15 20:38:06 2000 Corinna Vinschen <corinna@vinschen.de> * errno.cc: Map ERROR_NOACCESS to EFAULT. diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc index 4029d6c..3ef42ee 100644 --- a/winsup/cygwin/dcrt0.cc +++ b/winsup/cygwin/dcrt0.cc @@ -638,6 +638,10 @@ dll_crt0_1 () threadname_init (); debug_init (); + /* Allow backup semantics. It's better done only once on process start + instead of each time a file is opened. */ + set_process_privileges (); + /* Initialize SIGSEGV handling, etc... Because the exception handler references data in the shared area, this must be done after shared_init. */ diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc index c3219aa..2aba80d 100644 --- a/winsup/cygwin/fhandler.cc +++ b/winsup/cygwin/fhandler.cc @@ -114,54 +114,6 @@ fhandler_base::get_readahead_into_buffer (char *buf, size_t buflen) return copied_chars; } -uid_t __stdcall -get_file_owner (int use_ntsec, const char *filename) -{ - if (use_ntsec && allow_ntsec) - { - extern LONG ReadSD(const char *, PSECURITY_DESCRIPTOR, LPDWORD); - DWORD sd_size = 4096; - char psd_buffer[4096]; - PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) psd_buffer; - PSID psid; - BOOL bOwnerDefaulted = TRUE; - - if (ReadSD (filename, psd, &sd_size) <= 0) - return getuid(); - - if (!GetSecurityDescriptorOwner (psd, &psid, &bOwnerDefaulted)) - return getuid (); - - return psid ? get_uid_from_sid (psid) : getuid (); - } - - return getuid(); -} - -gid_t __stdcall -get_file_group (int use_ntsec, const char *filename) -{ - if (use_ntsec && allow_ntsec) - { - extern LONG ReadSD(const char *, PSECURITY_DESCRIPTOR, LPDWORD); - DWORD sd_size = 4096; - char psd_buffer[4096]; - PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) psd_buffer; - PSID psid; - BOOL bGroupDefaulted = TRUE; - - if (ReadSD (filename, psd, &sd_size) <= 0) - return getgid(); - - if (!GetSecurityDescriptorGroup (psd, &psid, &bGroupDefaulted)) - return getgid (); - - return psid ? get_gid_from_sid (psid) : getuid (); - } - - return getgid (); -} - /**********************************************************************/ /* fhandler_base */ @@ -959,14 +911,16 @@ fhandler_disk_file::fstat (struct stat *buf) buf->st_blksize = S_BLKSIZE; buf->st_blocks = (buf->st_size + S_BLKSIZE-1) / S_BLKSIZE; - buf->st_uid = get_file_owner (has_acls (), get_win32_name ()); - buf->st_gid = get_file_group (has_acls (), get_win32_name ()); /* Using a side effect: get_file_attibutes checks for directory. This is used, to set S_ISVTX, if needed. */ if (local.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) buf->st_mode |= S_IFDIR; - if (! get_file_attribute (has_acls (), get_win32_name (), &buf->st_mode)) + if (! get_file_attribute (has_acls (), + get_win32_name (), + &buf->st_mode, + &buf->st_uid, + &buf->st_gid)) { /* If read-only attribute is set, modify ntsec return value */ if (local.dwFileAttributes & FILE_ATTRIBUTE_READONLY) diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index 4613c63..8aa8bbc 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -380,9 +380,17 @@ out: strcpy (root, full_path); if (!rootdir (root) || !GetVolumeInformation (root, NULL, 0, &serial, NULL, &volflags, NULL, 0)) - set_has_acls (FALSE); + { + debug_printf ("GetVolumeInformation(%s) = ERR, full_path(%s), set_has_acls(FALSE)", + root, full_path, GetLastError ()); + set_has_acls (FALSE); + } else - set_has_acls (volflags & FS_PERSISTENT_ACLS); + { + debug_printf ("GetVolumeInformation(%s) = OK, full_path(%s), set_has_acls(%d)", + root, full_path, volflags & FS_PERSISTENT_ACLS); + set_has_acls (volflags & FS_PERSISTENT_ACLS); + } } #define deveq(s) (strcasematch (name, (s))) @@ -997,7 +1005,7 @@ mount_info::conv_to_win32_path (const char *src_path, char *win32_path, if (slash_drive_prefix_p (pathbuf)) slash_drive_to_win32_path (pathbuf, dst, trailing_slash_p); else - backslashify (src_path, dst, trailing_slash_p); /* just convert */ + backslashify (pathbuf, dst, trailing_slash_p); /* just convert */ *flags = 0; } else @@ -2370,7 +2378,7 @@ get_current_directory_name () /* getcwd */ -static char * +char * getcwd_inner (char *buf, size_t ulen, int posix_p) { char *resbuf = NULL; diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 6778fb2..0314009 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -532,7 +532,7 @@ WriteSD(const char *file, PSECURITY_DESCRIPTOR sdBuf, DWORD sdBufSize) return 0; } -static int +int set_process_privileges () { HANDLE hProcess = NULL; @@ -597,16 +597,14 @@ out: } static int -get_nt_attribute (const char *file, int *attribute) +get_nt_attribute (const char *file, int *attribute, + uid_t *uidret, gid_t *gidret) { if (os_being_run != winNT) return 0; syscall_printf ("file: %s", file); - if (set_process_privileges () < 0) - return -1; - /* Yeah, sounds too much, but I've seen SDs of 2100 bytes! */ DWORD sd_size = 4096; char sd_buf[4096]; @@ -638,16 +636,29 @@ get_nt_attribute (const char *file, int *attribute) return -1; } + uid_t uid = get_uid_from_sid (owner_sid); + gid_t gid = get_gid_from_sid (group_sid); + if (uidret) + *uidret = uid; + if (gidret) + *gidret = gid; + + if (! attribute) + { + syscall_printf ("file: %s uid %d, gid %d", uid, gid); + return 0; + } + + BOOL grp_member = is_grp_member (uid, gid); + if (! acl_exists || ! acl) { *attribute |= S_IRWXU | S_IRWXG | S_IRWXO; - syscall_printf ("file: %s No ACL = %x", file, *attribute); + syscall_printf ("file: %s No ACL = %x, uid %d, gid %d", + file, *attribute, uid, gid); return 0; } - BOOL grp_member = is_grp_member (get_uid_from_sid (owner_sid), - get_gid_from_sid (group_sid)); - ACCESS_ALLOWED_ACE *ace; int allow = 0; int deny = 0; @@ -722,38 +733,35 @@ get_nt_attribute (const char *file, int *attribute) *attribute &= ~(S_IRWXU|S_IRWXG|S_IRWXO|S_ISVTX); *attribute |= allow; *attribute &= ~deny; - syscall_printf ("file: %s %x", file, *attribute); + syscall_printf ("file: %s %x, uid %d, gid %d", file, *attribute, uid, gid); return 0; } int -get_file_attribute (int use_ntsec, const char *file, int *attribute) +get_file_attribute (int use_ntsec, const char *file, int *attribute, + uid_t *uidret, gid_t *gidret) { - if (!attribute) - { - set_errno (EINVAL); - return -1; - } + if (use_ntsec && allow_ntsec) + return get_nt_attribute (file, attribute, uidret, gidret); - int res; + if (uidret) + *uidret = getuid (); + if (gidret) + *gidret = getgid (); - if (use_ntsec && allow_ntsec) - { - res = get_nt_attribute (file, attribute); - if (!res) - return 0; - } + if (! attribute) + return 0; - res = NTReadEA (file, ".UNIXATTR", (char *) attribute, sizeof (*attribute)); + int res = NTReadEA (file, ".UNIXATTR", + (char *) attribute, sizeof (*attribute)); // symlinks are anything for everyone! if ((*attribute & S_IFLNK) == S_IFLNK) *attribute |= S_IRWXU | S_IRWXG | S_IRWXO; - if (res > 0) - return 0; - set_errno (ENOSYS); - return -1; + if (res <= 0) + set_errno (ENOSYS); + return res > 0 ? 0 : -1; } BOOL add_access_allowed_ace (PACL acl, int offset, DWORD attributes, @@ -1020,9 +1028,6 @@ set_nt_attribute (const char *file, uid_t uid, gid_t gid, if (os_being_run != winNT) return 0; - if (set_process_privileges () < 0) - return -1; - DWORD sd_size = 4096; char sd_buf[4096]; PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) sd_buf; @@ -1050,11 +1055,10 @@ set_file_attribute (int use_ntsec, const char *file, if ((attribute & S_IFLNK) == S_IFLNK) attribute |= S_IRWXU | S_IRWXG | S_IRWXO; - BOOL ret = NTWriteEA (file, ".UNIXATTR", - (char *) &attribute, sizeof (attribute)); if (!use_ntsec || !allow_ntsec) { - if (! ret) + if (! NTWriteEA (file, ".UNIXATTR", + (char *) &attribute, sizeof (attribute))) { __seterrno (); return -1; @@ -1062,10 +1066,10 @@ set_file_attribute (int use_ntsec, const char *file, return 0; } - int ret2 = set_nt_attribute (file, uid, gid, logsrv, attribute); + int ret = set_nt_attribute (file, uid, gid, logsrv, attribute); syscall_printf ("%d = set_file_attribute (%s, %d, %d, %p)", - ret2, file, uid, gid, attribute); - return ret2; + ret, file, uid, gid, attribute); + return ret; } int @@ -1518,9 +1522,6 @@ extern "C" int acl (const char *path, int cmd, int nentries, aclent_t *aclbufp) { - if (set_process_privileges () < 0) - return -1; - path_conv real_path (path); if (real_path.error) { diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index 9b03f58..e93fe6e 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -659,7 +659,9 @@ chown (const char * name, uid_t uid, gid_t gid) attrib |= S_IFDIR; int has_acls; has_acls = allow_ntsec && win32_path.has_acls (); - res = get_file_attribute (has_acls, win32_path.get_win32 (), (int *) &attrib); + res = get_file_attribute (has_acls, + win32_path.get_win32 (), + (int *) &attrib); if (!res) res = set_file_attribute (win32_path.has_acls (), win32_path.get_win32 (), @@ -723,14 +725,15 @@ chmod (const char *path, mode_t mode) SetFileAttributesA (win32_path.get_win32 (), attr & ~FILE_ATTRIBUTE_READONLY); - int has_acls = allow_ntsec && win32_path.has_acls (); - uid_t uid = get_file_owner (has_acls, win32_path.get_win32 ()); - if (! set_file_attribute (has_acls, win32_path.get_win32 (), - uid, - get_file_group (has_acls, - win32_path.get_win32 ()), - mode, - myself->logsrv) + uid_t uid; + gid_t gid; + get_file_attribute (win32_path.has_acls (), + win32_path.get_win32 (), + NULL, &uid, &gid); + if (! set_file_attribute (win32_path.has_acls (), + win32_path.get_win32 (), + uid, gid, + mode, myself->logsrv) && allow_ntsec) res = 0; @@ -903,7 +906,8 @@ stat_worker (const char *caller, const char *name, struct stat *buf, int res = -1; int atts; char *win32_name; - char drive[4] = "X:\\"; + char root[MAX_PATH]; + UINT dtype; MALLOC_CHECK; debug_printf ("%s (%s, %p)", caller, name, buf); @@ -945,14 +949,13 @@ stat_worker (const char *caller, const char *name, struct stat *buf, debug_printf ("%d = GetFileAttributesA (%s)", atts, win32_name); - drive[0] = win32_name[0]; - UINT dtype; + strcpy (root, win32_name); + dtype = GetDriveType (rootdir (root)); if (atts == -1 || !(atts & FILE_ATTRIBUTE_DIRECTORY) || (os_being_run == winNT - && (((dtype = GetDriveType (drive)) != DRIVE_NO_ROOT_DIR - //&& dtype != DRIVE_REMOTE - && dtype != DRIVE_UNKNOWN)))) + && dtype != DRIVE_NO_ROOT_DIR + && dtype != DRIVE_UNKNOWN)) { fhandler_disk_file fh (NULL); @@ -961,28 +964,30 @@ stat_worker (const char *caller, const char *name, struct stat *buf, { res = fh.fstat (buf); fh.close (); + /* See the comment 10 lines below */ if (atts != -1 && (atts & FILE_ATTRIBUTE_DIRECTORY)) - buf->st_nlink = num_entries (win32_name); + buf->st_nlink = + (dtype == DRIVE_REMOTE ? 2 : num_entries (win32_name)); } } else { WIN32_FIND_DATA wfd; HANDLE handle; - /* hmm, the number of links to a directory includes the - number of entries in the directory, since all the things - in the directory point to it */ - buf->st_nlink += num_entries (win32_name); + /* The number of links to a directory includes the + number of subdirectories in the directory, since all + those subdirectories point to it. + This is too slow on remote drives, so we do without it and + set the number of links to 2. */ + buf->st_nlink = (dtype == DRIVE_REMOTE ? 2 : num_entries (win32_name)); buf->st_dev = FHDEVN(FH_DISK) << 8; buf->st_ino = hash_path_name (0, real_path.get_win32 ()); buf->st_mode = S_IFDIR | STD_RBITS | STD_XBITS; if ((atts & FILE_ATTRIBUTE_READONLY) == 0) buf->st_mode |= STD_WBITS; - int has_acls = allow_ntsec && real_path.has_acls (); - - buf->st_uid = get_file_owner (has_acls, real_path.get_win32 ()); - buf->st_gid = get_file_group (has_acls, real_path.get_win32 ()); + get_file_attribute (real_path.has_acls (), real_path.get_win32 (), + NULL, &buf->st_uid, &buf->st_gid); if ((handle = FindFirstFile (real_path.get_win32(), &wfd)) != INVALID_HANDLE_VALUE) { diff --git a/winsup/cygwin/winsup.h b/winsup/cygwin/winsup.h index a1b287e..9071257 100644 --- a/winsup/cygwin/winsup.h +++ b/winsup/cygwin/winsup.h @@ -414,7 +414,9 @@ const char * __stdcall find_exec (const char *name, char *buf, const char *winen int null_if_notfound = 0, const char **known_suffix = NULL); /* File manipulation */ -int __stdcall get_file_attribute (int, const char *, int *); +int __stdcall set_process_privileges (); +int __stdcall get_file_attribute (int, const char *, int *, + uid_t * = NULL, gid_t * = NULL); int __stdcall set_file_attribute (int, const char *, int); int __stdcall set_file_attribute (int, const char *, uid_t, gid_t, int, const char *); void __stdcall set_std_handle (int); |