Dmitry Timoshkov : server: Explicitly add FILE_DELETE_CHILD permission when file write access is allowed .

Alexandre Julliard julliard at winehq.org
Wed Mar 16 12:22:42 CDT 2011


Module: wine
Branch: master
Commit: da077956e1f0f5adb457ff47f0cfd51203373c2e
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=da077956e1f0f5adb457ff47f0cfd51203373c2e

Author: Dmitry Timoshkov <dmitry at codeweavers.com>
Date:   Wed Mar 16 18:46:00 2011 +0800

server: Explicitly add FILE_DELETE_CHILD permission when file write access is allowed.

---

 dlls/advapi32/tests/security.c |    3 +--
 server/file.c                  |    6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 14e8300..43406eb 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -889,10 +889,9 @@ todo_wine {
     SetLastError(0xdeadbeef);
     rc = AccessCheck(sd, token, FILE_DELETE_CHILD, &mapping, &priv_set, &priv_set_len, &granted, &status);
     ok(rc, "AccessCheck error %d\n", GetLastError());
-todo_wine {
     ok(status == 1, "expected 1, got %d\n", status);
     ok(granted == FILE_DELETE_CHILD, "expected FILE_DELETE_CHILD, got %#x\n", granted);
-}
+
     granted = 0xdeadbeef;
     status = 0xdeadbeef;
     SetLastError(0xdeadbeef);
diff --git a/server/file.c b/server/file.c
index d17b25b..cca2633 100644
--- a/server/file.c
+++ b/server/file.c
@@ -360,7 +360,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
         if (mode & S_IRUSR)
             aaa->Mask |= FILE_GENERIC_READ;
         if (mode & S_IWUSR)
-            aaa->Mask |= FILE_GENERIC_WRITE | DELETE;
+            aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
         if (mode & S_IXUSR)
             aaa->Mask |= FILE_GENERIC_EXECUTE;
         sid = (SID *)&aaa->SidStart;
@@ -381,7 +381,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
         if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
             ada->Mask |= FILE_GENERIC_READ;
         if (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IROTH)))
-            ada->Mask |= FILE_GENERIC_WRITE | DELETE;
+            ada->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
         if (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH)))
             ada->Mask |= FILE_GENERIC_EXECUTE;
         ada->Mask &= ~STANDARD_RIGHTS_ALL; /* never deny standard rights */
@@ -401,7 +401,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
         if (mode & S_IROTH)
             aaa->Mask |= FILE_GENERIC_READ;
         if (mode & S_IWOTH)
-            aaa->Mask |= FILE_GENERIC_WRITE | DELETE;
+            aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
         if (mode & S_IXOTH)
             aaa->Mask |= FILE_GENERIC_EXECUTE;
         sid = (SID *)&aaa->SidStart;




More information about the wine-cvs mailing list