* dir.cc (mkdir): Set security attributes correctly for

        CreateDirectoryA () call if ntsec is on. Don't call
        set_file_attributes () then.
        * fhandler.cc (fhandler_base::open): Ditto for CreateFileA () call.
        * path.cc (symlink): Ditto.
        * security.cc (set_security_attribute): New function.
        * security.h: Add declaration for `allow_ntea' and
        `set_security_attribute'.

6 files changed, 65 insertions, 15 deletions

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index e2f504f..fc87d8e 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,14 @@
+Tue Aug  7 16:24:00 2001  Corinna Vinschen <corinna@vinschen.de>
+
+	* dir.cc (mkdir): Set security attributes correctly for
+	CreateDirectoryA () call if ntsec is on. Don't call
+	set_file_attributes () then.
+	* fhandler.cc (fhandler_base::open): Ditto for CreateFileA () call.
+	* path.cc (symlink): Ditto.
+	* security.cc (set_security_attribute): New function.
+	* security.h: Add declaration for `allow_ntea' and
+	`set_security_attribute'.
+
 Tue Aug  7 10:54:00 2001  Corinna Vinschen <corinna@vinschen.de>
 
         * grp.cc (class grp_check): New class. Make `group_state'
diff --git a/winsup/cygwin/dir.cc b/winsup/cygwin/dir.cc
index 45fc011..022a8d6 100644
--- a/winsup/cygwin/dir.cc
+++ b/winsup/cygwin/dir.cc
@@ -305,6 +305,7 @@ extern "C" int
 mkdir (const char *dir, mode_t mode)
 {
   int res = -1;
+  SECURITY_ATTRIBUTES sa = sec_none_nih;
 
   path_conv real_dir (dir, PC_SYM_NOFOLLOW);
 
@@ -318,10 +319,15 @@ mkdir (const char *dir, mode_t mode)
   if (! writable_directory (real_dir.get_win32 ()))
     goto done;
 
-  if (CreateDirectoryA (real_dir.get_win32 (), 0))
+  if (allow_ntsec && real_dir.has_acls ())
+    set_security_attribute (S_IFDIR | ((mode & 0777) & ~cygheap->umask),
+			    &sa, alloca (256), 256);
+
+  if (CreateDirectoryA (real_dir.get_win32 (), &sa))
     {
-      set_file_attribute (real_dir.has_acls (), real_dir.get_win32 (),
-			  S_IFDIR | ((mode & 0777) & ~cygheap->umask));
+      if (!allow_ntsec && allow_ntea)
+	set_file_attribute (real_dir.has_acls (), real_dir.get_win32 (),
+			    S_IFDIR | ((mode & 0777) & ~cygheap->umask));
       res = 0;
     }
   else
diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc
index ca912cb..98b80b9 100644
--- a/winsup/cygwin/fhandler.cc
+++ b/winsup/cygwin/fhandler.cc
@@ -300,6 +300,7 @@ fhandler_base::open (int flags, mode_t mode)
   int file_attributes;
   int shared;
   int creation_distribution;
+  SECURITY_ATTRIBUTES sa = sec_none;
 
   syscall_printf ("(%s, %p)", get_win32_name (), flags);
 
@@ -382,14 +383,20 @@ fhandler_base::open (int flags, mode_t mode)
       set_errno (ENOENT);
       goto done;
     }
+
+  /* If the file should actually be created and ntsec is on,
+     set files attributes. */
+  if (flags & O_CREAT && get_device () == FH_DISK && allow_ntsec && has_acls ())
+    set_security_attribute (mode, &sa, alloca (256), 256);
+
   x = CreateFileA (get_win32_name (), access, shared,
-		   &sec_none, creation_distribution,
+		   &sa, creation_distribution,
 		   file_attributes,
 		   0);
 
   syscall_printf ("%p = CreateFileA (%s, %p, %p, %p, %p, %p, 0)",
 		  x, get_win32_name (), access, shared,
-		  &sec_none, creation_distribution,
+		  &sa, creation_distribution,
 		  file_attributes);
 
   if (x == INVALID_HANDLE_VALUE)
@@ -401,9 +408,12 @@ fhandler_base::open (int flags, mode_t mode)
       goto done;
     }
 
-  // Attributes may be set only if a file is _really_ created.
+  /* Attributes may be set only if a file is _really_ created.
+     This code is now only used for ntea here since the files
+     security attributes are set in CreateFile () now. */
   if (flags & O_CREAT && get_device () == FH_DISK
-      && GetLastError () != ERROR_ALREADY_EXISTS)
+      && GetLastError () != ERROR_ALREADY_EXISTS
+      && !allow_ntsec && allow_ntea)
     set_file_attribute (has_acls (), get_win32_name (), mode);
 
   namehash = hash_path_name (0, get_win32_name ());
diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc
index bd032d7..65c0952 100644
--- a/winsup/cygwin/path.cc
+++ b/winsup/cygwin/path.cc
@@ -2395,6 +2395,7 @@ symlink (const char *topath, const char *frompath)
   char cwd[MAX_PATH + 1], *cp = NULL, c = 0;
   char w32topath[MAX_PATH + 1];
   DWORD written;
+  SECURITY_ATTRIBUTES sa = sec_none_nih;
 
   win32_path.check (frompath, PC_SYM_NOFOLLOW);
   if (allow_winsymlinks && !win32_path.error)
@@ -2456,7 +2457,11 @@ symlink (const char *topath, const char *frompath)
 	}
     }
 
-  h = CreateFileA(win32_path, GENERIC_WRITE, 0, &sec_none_nih,
+  if (allow_ntsec && win32_path.has_acls ())
+    set_security_attribute (S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO,
+			    &sa, alloca (256), 256);
+
+  h = CreateFileA(win32_path, GENERIC_WRITE, 0, &sa,
 		  CREATE_NEW, FILE_ATTRIBUTE_NORMAL, 0);
   if (h == INVALID_HANDLE_VALUE)
       __seterrno ();
@@ -2499,9 +2504,10 @@ symlink (const char *topath, const char *frompath)
       if (success)
 	{
 	  CloseHandle (h);
-	  set_file_attribute (win32_path.has_acls (),
-			      win32_path.get_win32 (),
-			      S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO);
+	  if (!allow_ntsec && allow_ntea)
+	    set_file_attribute (win32_path.has_acls (),
+				win32_path.get_win32 (),
+				S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO);
 	  SetFileAttributesA (win32_path.get_win32 (),
 			      allow_winsymlinks ? FILE_ATTRIBUTE_READONLY
 						: FILE_ATTRIBUTE_SYSTEM);
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index a1619f5..d41d0a1 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -1553,6 +1553,23 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
   return psd;
 }
 
+void
+set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
+			void *sd_buf, DWORD sd_buf_size)
+{
+  /* symlinks are anything for everyone!*/
+  if ((attribute & S_IFLNK) == S_IFLNK)
+    attribute |= S_IRWXU | S_IRWXG | S_IRWXO;
+
+  psa->lpSecurityDescriptor = sd_buf;
+  InitializeSecurityDescriptor ((PSECURITY_DESCRIPTOR)sd_buf,
+  				SECURITY_DESCRIPTOR_REVISION);
+  psa->lpSecurityDescriptor = alloc_sd (geteuid (), getegid (),
+					cygheap->user.logsrv (),
+					attribute, (PSECURITY_DESCRIPTOR)sd_buf,
+					&sd_buf_size);
+}
+
 static int
 set_nt_attribute (const char *file, uid_t uid, gid_t gid,
 		  const char *logsrv, int attribute)
@@ -1583,10 +1600,6 @@ set_file_attribute (int use_ntsec, const char *file,
 		    uid_t uid, gid_t gid,
 		    int attribute, const char *logsrv)
 {
-  /* symlinks are anything for everyone!*/
-  if ((attribute & S_IFLNK) == S_IFLNK)
-    attribute |= S_IRWXU | S_IRWXG | S_IRWXO;
-
   int ret = 0;
 
   if (use_ntsec && allow_ntsec)
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h
index 49c41c8..e206080 100644
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@@ -151,6 +151,7 @@ legal_sid_type (SID_NAME_USE type)
       || type == SidTypeAlias || type == SidTypeWellKnownGroup;
 }
 
+extern BOOL allow_ntea;
 extern BOOL allow_ntsec;
 extern BOOL allow_smbntsec;
 
@@ -171,6 +172,9 @@ LONG __stdcall write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_
 BOOL __stdcall add_access_allowed_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit);
 BOOL __stdcall add_access_denied_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit);
 
+void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
+			     void *sd_buf, DWORD sd_buf_size);
+
 /* Try a subauthentication. */
 HANDLE subauth (struct passwd *pw);
 /* Try creating a token directly. */