Piotr Caban : server: Make directory DACL entries inheritable.

Alexandre Julliard julliard at wine.codeweavers.com
Fri Mar 27 08:55:18 CDT 2015 

Module: wine
Branch: master
Commit: 3eb448cf33b6b6635bac4e06ea7fddd190e26450
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=3eb448cf33b6b6635bac4e06ea7fddd190e26450

Author: Piotr Caban <piotr at codeweavers.com>
Date:   Fri Mar 27 11:11:40 2015 +0100

server: Make directory DACL entries inheritable.

---

 dlls/advapi32/tests/security.c | 12 ++++++------
 server/file.c                  |  8 ++++----
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 04a88ae..e3c1659 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3192,9 +3192,9 @@ static void test_CreateDirectoryA(void)
         ok(bret, "Failed to get Current User ACE.\n");
         bret = EqualSid(&ace->SidStart, user_sid);
         todo_wine ok(bret, "Current User ACE != Current User SID.\n");
-        todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE),
-                     "Current User ACE has unexpected flags (0x%x != 0x03)\n",
-                     ((ACE_HEADER *)ace)->AceFlags);
+        ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE),
+                "Current User ACE has unexpected flags (0x%x != 0x03)\n",
+                ((ACE_HEADER *)ace)->AceFlags);
         ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n",
                                   ace->Mask);
     }
@@ -3204,9 +3204,9 @@ static void test_CreateDirectoryA(void)
         ok(bret, "Failed to get Administators Group ACE.\n");
         bret = EqualSid(&ace->SidStart, admin_sid);
         todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n");
-        todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE),
-                     "Administators Group ACE has unexpected flags (0x%x != 0x03)\n",
-                     ((ACE_HEADER *)ace)->AceFlags);
+        ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE),
+                "Administators Group ACE has unexpected flags (0x%x != 0x03)\n",
+                ((ACE_HEADER *)ace)->AceFlags);
         ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n",
                                   ace->Mask);
     }
diff --git a/server/file.c b/server/file.c
index abda2c3..f565f5a 100644
--- a/server/file.c
+++ b/server/file.c
@@ -367,7 +367,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
     aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1);
     current_ace = &aaa->Header;
     aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
-    aaa->Header.AceFlags = 0;
+    aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
     aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( local_system_sid );
     aaa->Mask = FILE_ALL_ACCESS;
     sid = (SID *)&aaa->SidStart;
@@ -379,7 +379,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
         aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
         current_ace = &aaa->Header;
         aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
-        aaa->Header.AceFlags = 0;
+        aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
         aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( user );
         aaa->Mask = WRITE_DAC | WRITE_OWNER;
         if (mode & S_IRUSR)
@@ -397,7 +397,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
         ACCESS_DENIED_ACE *ada = (ACCESS_DENIED_ACE *)ace_next( current_ace );
         current_ace = &ada->Header;
         ada->Header.AceType = ACCESS_DENIED_ACE_TYPE;
-        ada->Header.AceFlags = 0;
+        ada->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
         ada->Header.AceSize = FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) + security_sid_len( user );
         ada->Mask = 0;
         if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
@@ -414,7 +414,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
         aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
         current_ace = &aaa->Header;
         aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
-        aaa->Header.AceFlags = 0;
+        aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
         aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( world_sid );
         aaa->Mask = 0;
         if (mode & S_IROTH)

More information about the wine-cvs mailing list