Patch, Version 4: Unix-like permissions on objects [was Re: b21 -- various small issues]
Corinna Vinschen
corinna.vinschen@cityweb.de
Sat May 1 17:50:00 GMT 1999
Chris Faylor wrote:
>
> On Fri, Apr 30, 1999 at 04:25:23PM +0200, Corinna Vinschen wrote:
> >Has anybody fixed the chown/new headers problem in the meantime???
>
> The last I remember, Anders didn't see any difference between the
> old/new headers.
>
> I would very much like to get your changes into B21, though. I don't
> have much time for cygwin right now, though, so debugging this problem
> is not feasible for me, unfortunately.
>
> -chris
Hi Chris,
I have rewritten my security change. The remaining problem with chown
is solved, it was a stricter security behaviour in SP4 vs SP3, and not
Anders headers, as I suspected (sorry Anders!)
The file security.cc is now very different relative to the older version
because BackupRead()/BackupWrite() is used instead of GetFileSecurity()/
SetFileSecurity().
The function chown() in syscalls.cc is exclusively implemented by calls
to get_file_attributes()/set_file_attributes() now.
Another problem is also removed in this version. The function
GetFileSecurity() crashes on FAT and Samba file systems. The use of
BackupRead() prevents this. The current version works ok, samba
refuses (correctly!) the setting of owner/group/file modes.
I have carefully integrated the change into winsup-990430, I send the
patch file as bzip2ed attachment, because it's more than 40KB.
The NT security is coupled to the new CYGWIN option [no]ntsec.
The option [no]ntea is yet legal and does still work!
So everyone can decide self, how much UNIX-like security he/she wants.
As alread written in January: Well formed /etc/passwd and /etc/group
files are essential, to get the expected results. Especially the
attachment of users to their primary group is very helpful!
Example:
/etc/passwd:
============
everyone:*:0:0::/tmp:/bin/true
system:*:18:18::/tmp:/bin/true
administrator::500:544::/home/root:/bin/sh
guest:*:501:546::/tmp:/bin/true
administrators:*:544:544::/home/root:/bin/sh
corinna::1000:547:Corinna Vinschen:/home/corinna:/bin/tcsh
ftp::1001:545:anonymous ftp login:/home/ftp:/bin/true
/etc/group:
===========
everyone::0:
system::18:
none::513:
administrators::544:
users::545:
guests::546:
powerusers::547:
Best Regards,
Corinna
ChangeLog:
==========
Sun May 2 2:00:00 Corinna Vinschen <corinna.vinschen@cityweb.de>
* security.cc (ReadSD): New function.
* security.cc (WriteSD): Ditto.
* security.cc (get_admin_sid): Moved from shared.cc.
* security.cc (set_process_privileges): Moved from syscalls.cc,
shortened, changed return typ to int. Sets errno now.
* security.cc (set_file_attributes): Return type changed to int.
* security.cc (get_file_attributes): Ditto.
* security.cc (set_nt_attributes): Ditto. Cares for setting
of S_ISVTX now.
* security.cc (get_nt_attributes): Ditto.
* syscalls.cc (rel2abssd): #if 0'ed.
* syscalls.cc (set_process_privileges): Moved to security.cc.
* syscalls.cc (chown): Rewritten.
* syscalls.cc (chmod): Changed call order of the functions
set_file_attributes() and SetFileAttributesA().
* fhandler.cc (fhandler_base::fstat): Changed check for
return value of get_file_attributes().
* ntea.cc (NTReadEA): returns TRUE now, if allow_ntea is unset.
* ntea.cc (NTWriteEA): returns TRUE now, if allow_ntea is unset.
* shared.cc (get_admin_sid): Moved to security.cc.
* path.cc (symlink_check_one): Changed check for return value
of get_file_attributes().
Sat Mar 6 18:30:00 Corinna Vinschen <corinna.vinschen@cityweb.de>
* security.cc (get_world_sid): Rewritten.
* security.cc (world_full_access): Deleted.
* grp.cc: Use gid 0 as default gid.
* grp.cc (read_etc_group): Look for account name of world group.
* fhandler.cc (fhandler_base::open): Call `set_file_attribute'
only in case of disk file.
Fri Feb 26 00:44:00 Corinna Vinschen <corinna.vinschen@cityweb.de>
* security.cc (get_file_attribute): Patched incorrect test
for symlink.
* security.cc (set_file_attribute): ditto.
Sat Jan 30 02:12:00 Corinna Vinschen <corinna.vinschen@cityweb.de>
* security.cc: Special handling for user and/or administrators
permissions to write (extended) attributes.
Fri Jan 29 02:12:00 Corinna Vinschen <corinna.vinschen@cityweb.de>
* security.cc: Don't allow 513(none) as user or group.
Thu Jan 28 11:00:00 Corinna Vinschen <corinna.vinschen@cityweb.de>
* security.cc: new functions `set_nt_attribute()', `get_nt_attribute()'
and `set_file_attribute()' with additional parameters `uid' and `gid',
to support real NT security.
* winsup.h: Prototype for `set_file_attribute()' with four
parameters.
* dir.cc (mkdir): Calls `set_file_attribute()' now.
* syscalls.cc (chown): ditto.
* syscalls.cc (chmod): ditto, with correct uid/gid.
21 Jan 12:30:00 1999 Corinna Vinschen <corinna.vinschen@cityweb.de>
* shared.cc: New function `get_admin_sid()' to get a SID
of the administrators group or of administrator.
New functions `sec_user()' and `sec_user_nih()' to get
SECURITY_ATTRIBUTES with all permissions for the user and
the administtrator group.
* shared.h: Prototypes for the above new functions `sec_user()'
and `sec_user_nih()'.
* sigproc.cc (getsem): Create process semaphore with
permissions set by `sec_user()'.
ntsec-patch.bz2
More information about the Cygwin-developers
mailing list