Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
80e844f7
Commit
80e844f7
authored
Dec 11, 2009
by
Alexandre Julliard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
server: Simplify computation of file modes from the security descriptor.
parent
b419df1d
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
20 additions
and
42 deletions
+20
-42
file.c
server/file.c
+20
-42
No files found.
server/file.c
View file @
80e844f7
...
...
@@ -441,10 +441,22 @@ static struct security_descriptor *file_get_sd( struct object *obj )
return
sd
;
}
static
mode_t
file_access_to_mode
(
unsigned
int
access
)
{
mode_t
mode
=
0
;
access
=
generic_file_map_access
(
access
);
if
(
access
&
FILE_READ_DATA
)
mode
|=
4
;
if
(
access
&
FILE_WRITE_DATA
)
mode
|=
2
;
if
(
access
&
FILE_EXECUTE
)
mode
|=
1
;
return
mode
;
}
mode_t
sd_to_mode
(
const
struct
security_descriptor
*
sd
,
const
SID
*
owner
)
{
mode_t
new_mode
=
0
;
mode_t
denied_mode
=
0
;
mode_t
mode
;
int
present
;
const
ACL
*
dacl
=
sd_get_dacl
(
sd
,
&
present
);
const
SID
*
user
=
token_get_user
(
current
->
process
->
token
);
...
...
@@ -465,71 +477,37 @@ mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner )
case
ACCESS_DENIED_ACE_TYPE
:
ad_ace
=
(
const
ACCESS_DENIED_ACE
*
)
ace
;
sid
=
(
const
SID
*
)
&
ad_ace
->
SidStart
;
mode
=
file_access_to_mode
(
ad_ace
->
Mask
);
if
(
security_equal_sid
(
sid
,
security_world_sid
))
{
unsigned
int
access
=
generic_file_map_access
(
ad_ace
->
Mask
);
if
(
access
&
FILE_READ_DATA
)
denied_mode
|=
S_IRUSR
|
S_IRGRP
|
S_IROTH
;
if
(
access
&
FILE_WRITE_DATA
)
denied_mode
|=
S_IWUSR
|
S_IWGRP
|
S_IWOTH
;
if
(
access
&
FILE_EXECUTE
)
denied_mode
|=
S_IXUSR
|
S_IXGRP
|
S_IXOTH
;
denied_mode
|=
(
mode
<<
6
)
|
(
mode
<<
3
)
|
mode
;
/* all */
}
else
if
(
security_equal_sid
(
sid
,
owner
))
{
unsigned
int
access
=
generic_file_map_access
(
ad_ace
->
Mask
);
if
(
access
&
FILE_READ_DATA
)
denied_mode
|=
S_IRUSR
;
if
(
access
&
FILE_WRITE_DATA
)
denied_mode
|=
S_IWUSR
;
if
(
access
&
FILE_EXECUTE
)
denied_mode
|=
S_IXUSR
;
denied_mode
|=
(
mode
<<
6
);
/* user only */
}
else
if
((
security_equal_sid
(
user
,
owner
)
&&
token_sid_present
(
current
->
process
->
token
,
sid
,
TRUE
)))
{
unsigned
int
access
=
generic_file_map_access
(
ad_ace
->
Mask
);
if
(
access
&
FILE_READ_DATA
)
denied_mode
|=
S_IRUSR
|
S_IRGRP
;
if
(
access
&
FILE_WRITE_DATA
)
denied_mode
|=
S_IWUSR
|
S_IWGRP
;
if
(
access
&
FILE_EXECUTE
)
denied_mode
|=
S_IXUSR
|
S_IXGRP
;
denied_mode
|=
(
mode
<<
6
)
|
(
mode
<<
3
);
/* user + group */
}
break
;
case
ACCESS_ALLOWED_ACE_TYPE
:
aa_ace
=
(
const
ACCESS_ALLOWED_ACE
*
)
ace
;
sid
=
(
const
SID
*
)
&
aa_ace
->
SidStart
;
mode
=
file_access_to_mode
(
aa_ace
->
Mask
);
if
(
security_equal_sid
(
sid
,
security_world_sid
))
{
unsigned
int
access
=
generic_file_map_access
(
aa_ace
->
Mask
);
if
(
access
&
FILE_READ_DATA
)
new_mode
|=
S_IRUSR
|
S_IRGRP
|
S_IROTH
;
if
(
access
&
FILE_WRITE_DATA
)
new_mode
|=
S_IWUSR
|
S_IWGRP
|
S_IWOTH
;
if
(
access
&
FILE_EXECUTE
)
new_mode
|=
S_IXUSR
|
S_IXGRP
|
S_IXOTH
;
new_mode
|=
(
mode
<<
6
)
|
(
mode
<<
3
)
|
mode
;
/* all */
}
else
if
(
security_equal_sid
(
sid
,
owner
))
{
unsigned
int
access
=
generic_file_map_access
(
aa_ace
->
Mask
);
if
(
access
&
FILE_READ_DATA
)
new_mode
|=
S_IRUSR
;
if
(
access
&
FILE_WRITE_DATA
)
new_mode
|=
S_IWUSR
;
if
(
access
&
FILE_EXECUTE
)
new_mode
|=
S_IXUSR
;
new_mode
|=
(
mode
<<
6
);
/* user only */
}
else
if
((
security_equal_sid
(
user
,
owner
)
&&
token_sid_present
(
current
->
process
->
token
,
sid
,
FALSE
)))
{
unsigned
int
access
=
generic_file_map_access
(
ad_ace
->
Mask
);
if
(
access
&
FILE_READ_DATA
)
new_mode
|=
S_IRUSR
|
S_IRGRP
;
if
(
access
&
FILE_WRITE_DATA
)
new_mode
|=
S_IWUSR
|
S_IWGRP
;
if
(
access
&
FILE_EXECUTE
)
new_mode
|=
S_IXUSR
|
S_IXGRP
;
new_mode
|=
(
mode
<<
6
)
|
(
mode
<<
3
);
/* user + group */
}
break
;
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment