[3/4] server: Explicitly add FILE_DELETE_CHILD permission when file write access is allowed.
Dmitry Timoshkov
dmitry at codeweavers.com
Tue Mar 15 06:07:33 CDT 2011
Installer in the bug 26288 requests FILE_ALL_ACCESS permission on a temp file
it just created, but FILE_DELETE_CHILD is not included in FILE_GENERIC_WRITE.
---
server/file.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/server/file.c b/server/file.c
index d17b25b..cca2633 100644
--- a/server/file.c
+++ b/server/file.c
@@ -360,7 +360,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
if (mode & S_IRUSR)
aaa->Mask |= FILE_GENERIC_READ;
if (mode & S_IWUSR)
- aaa->Mask |= FILE_GENERIC_WRITE | DELETE;
+ aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
if (mode & S_IXUSR)
aaa->Mask |= FILE_GENERIC_EXECUTE;
sid = (SID *)&aaa->SidStart;
@@ -381,7 +381,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
ada->Mask |= FILE_GENERIC_READ;
if (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IROTH)))
- ada->Mask |= FILE_GENERIC_WRITE | DELETE;
+ ada->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
if (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH)))
ada->Mask |= FILE_GENERIC_EXECUTE;
ada->Mask &= ~STANDARD_RIGHTS_ALL; /* never deny standard rights */
@@ -401,7 +401,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
if (mode & S_IROTH)
aaa->Mask |= FILE_GENERIC_READ;
if (mode & S_IWOTH)
- aaa->Mask |= FILE_GENERIC_WRITE | DELETE;
+ aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
if (mode & S_IXOTH)
aaa->Mask |= FILE_GENERIC_EXECUTE;
sid = (SID *)&aaa->SidStart;
--
1.7.3.5
More information about the wine-patches
mailing list