From 3321c450384e56e9153e0fff32b5933a18a7a6a7 Mon Sep 17 00:00:00 2001 From: Hans Leidekker Date: Tue, 19 Jul 2011 09:52:54 +0200 Subject: [PATCH] server: Include groups in file mode calculation if the security descriptor matches the current user. --- server/file.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/server/file.c b/server/file.c index fcfd572c2b1..07dab39ff1c 100644 --- a/server/file.c +++ b/server/file.c @@ -505,15 +505,15 @@ mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner ) { denied_mode |= (mode << 6) | (mode << 3) | mode; /* all */ } - else if (security_equal_sid( sid, owner )) - { - denied_mode |= (mode << 6); /* user only */ - } else if ((security_equal_sid( user, owner ) && token_sid_present( current->process->token, sid, TRUE ))) { denied_mode |= (mode << 6) | (mode << 3); /* user + group */ } + else if (security_equal_sid( sid, owner )) + { + denied_mode |= (mode << 6); /* user only */ + } break; case ACCESS_ALLOWED_ACE_TYPE: aa_ace = (const ACCESS_ALLOWED_ACE *)ace; @@ -523,15 +523,15 @@ mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner ) { new_mode |= (mode << 6) | (mode << 3) | mode; /* all */ } - else if (security_equal_sid( sid, owner )) - { - new_mode |= (mode << 6); /* user only */ - } else if ((security_equal_sid( user, owner ) && token_sid_present( current->process->token, sid, FALSE ))) { new_mode |= (mode << 6) | (mode << 3); /* user + group */ } + else if (security_equal_sid( sid, owner )) + { + new_mode |= (mode << 6); /* user only */ + } break; } }