Use correct gid value for Microsoft Account when /etc/group is in use

* sec_acl.cc (get_posix_access): In case owner SID == group SID, when encountering the group entry, change the value of `id' accordingly. Explain why. Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-11-29 20:26:48 +01:00 · 2015-11-29 20:26:48 +01:00 · 47e7288769
parent bfe23aa437
commit 47e7288769
2 changed files with 18 additions and 2 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,9 @@
+2015-11-29  Corinna Vinschen  <corinna@vinschen.de>
+
+	* sec_acl.cc (get_posix_access): In case owner SID == group SID, when
+	encountering the group entry, change the value of `id' accordingly.
+	Explain why.
+
 2015-11-28  Corinna Vinschen  <corinna@vinschen.de>

 	* gendef (sigdelayed): Save and restore content of the MXCSR register
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@ -811,6 +811,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
 		  if (owner_eq_group && !saw_group_obj)
 		    {
 		      type = GROUP_OBJ;
+		      /* Gid and uid are not necessarily the same even if the
+			 SID is the same: /etc/group is in use and the user got
+			 added to /etc/group using another gid than the uid.
+			 This is a border case but it happened and resetting id
+			 to gid is not much of a burden. */
+		      id = gid;
 		      if (ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
 			saw_group_obj = true;
 		    }
@ -871,8 +877,12 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
 	      if (saw_def_user_obj)
 		{
 		  if (owner_eq_group && !saw_def_group_obj && attr & S_ISGID)
-		    type = GROUP_OBJ;	/* This needs post-processing in the
-					   following GROUP_OBJ handling... */
+		    {
+		      /* This needs post-processing in the following GROUP_OBJ
+		         handling...  Set id to ILLEGAL_GID to play it safe. */
+		      type = GROUP_OBJ;
+		      id = ILLEGAL_GID;
+		    }
 		  else
 		    type = USER;
 		}