Dmitry Timoshkov : server: Add excute permission when read file access is allowed.

Alexandre Julliard julliard at winehq.org
Mon Mar 28 14:21:59 CDT 2011 

Module: wine
Branch: master
Commit: 1b5602e59cbd72bceb173e2dba4d214f8ef97ac9
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=1b5602e59cbd72bceb173e2dba4d214f8ef97ac9

Author: Dmitry Timoshkov <dmitry at codeweavers.com>
Date:   Thu Mar 24 16:57:21 2011 +0800

server: Add excute permission when read file access is allowed.

---

 dlls/advapi32/tests/security.c |   12 ++++--------
 server/file.c                  |   12 +++---------
 2 files changed, 7 insertions(+), 17 deletions(-)

diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 5409c35..7040add 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -881,10 +881,9 @@ cleanup:
     SetLastError(0xdeadbeef);
     rc = AccessCheck(sd, token, FILE_EXECUTE, &mapping, &priv_set, &priv_set_len, &granted, &status);
     ok(rc, "AccessCheck error %d\n", GetLastError());
-todo_wine {
     ok(status == 1, "expected 1, got %d\n", status);
     ok(granted == FILE_EXECUTE, "expected FILE_EXECUTE, got %#x\n", granted);
-}
+
     granted = 0xdeadbeef;
     status = 0xdeadbeef;
     SetLastError(0xdeadbeef);
@@ -906,19 +905,17 @@ todo_wine {
     SetLastError(0xdeadbeef);
     rc = AccessCheck(sd, token, 0x1ff, &mapping, &priv_set, &priv_set_len, &granted, &status);
     ok(rc, "AccessCheck error %d\n", GetLastError());
-todo_wine {
     ok(status == 1, "expected 1, got %d\n", status);
     ok(granted == 0x1ff, "expected 0x1ff, got %#x\n", granted);
-}
+
     granted = 0xdeadbeef;
     status = 0xdeadbeef;
     SetLastError(0xdeadbeef);
     rc = AccessCheck(sd, token, FILE_ALL_ACCESS, &mapping, &priv_set, &priv_set_len, &granted, &status);
     ok(rc, "AccessCheck error %d\n", GetLastError());
-todo_wine {
     ok(status == 1, "expected 1, got %d\n", status);
     ok(granted == FILE_ALL_ACCESS, "expected FILE_ALL_ACCESS, got %#x\n", granted);
-}
+
     SetLastError(0xdeadbeef);
     rc = AccessCheck(sd, token, 0xffffffff, &mapping, &priv_set, &priv_set_len, &granted, &status);
     ok(!rc, "AccessCheck should fail\n");
@@ -995,10 +992,9 @@ todo_wine {
     SetLastError(0xdeadbeef);
     rc = AccessCheck(sd, token, FILE_EXECUTE, &mapping, &priv_set, &priv_set_len, &granted, &status);
     ok(rc, "AccessCheck error %d\n", GetLastError());
-todo_wine {
     ok(status == 1, "expected 1, got %d\n", status);
     ok(granted == FILE_EXECUTE, "expected FILE_EXECUTE, got %#x\n", granted);
-}
+
     granted = 0xdeadbeef;
     status = 0xdeadbeef;
     SetLastError(0xdeadbeef);
diff --git a/server/file.c b/server/file.c
index cca2633..ee7202b 100644
--- a/server/file.c
+++ b/server/file.c
@@ -358,11 +358,9 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
                               FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]);
         aaa->Mask = WRITE_DAC | WRITE_OWNER;
         if (mode & S_IRUSR)
-            aaa->Mask |= FILE_GENERIC_READ;
+            aaa->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
         if (mode & S_IWUSR)
             aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
-        if (mode & S_IXUSR)
-            aaa->Mask |= FILE_GENERIC_EXECUTE;
         sid = (SID *)&aaa->SidStart;
         memcpy( sid, user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) );
     }
@@ -379,11 +377,9 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
                               FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]);
         ada->Mask = 0;
         if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
-            ada->Mask |= FILE_GENERIC_READ;
+            ada->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
         if (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IROTH)))
             ada->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
-        if (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH)))
-            ada->Mask |= FILE_GENERIC_EXECUTE;
         ada->Mask &= ~STANDARD_RIGHTS_ALL; /* never deny standard rights */
         sid = (SID *)&ada->SidStart;
         memcpy( sid, user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) );
@@ -399,11 +395,9 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
                              FIELD_OFFSET(SID, SubAuthority[world_sid->SubAuthorityCount]);
         aaa->Mask = 0;
         if (mode & S_IROTH)
-            aaa->Mask |= FILE_GENERIC_READ;
+            aaa->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
         if (mode & S_IWOTH)
             aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
-        if (mode & S_IXOTH)
-            aaa->Mask |= FILE_GENERIC_EXECUTE;
         sid = (SID *)&aaa->SidStart;
         memcpy( sid, world_sid, FIELD_OFFSET(SID, SubAuthority[world_sid->SubAuthorityCount]) );
     }

More information about the wine-cvs mailing list