Only request WRITE_DAC rights when writing an ACL

* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request query_write_dac rather than query_write_control access when writing an ACL. Fix a comment. Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-25 21:40:51 +01:00 · 2015-12-25 21:40:51 +01:00 · e983bd6aa4
parent ed3c07215c
commit e983bd6aa4
2 changed files with 8 additions and 2 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,9 @@
+2015-12-25  Corinna Vinschen  <corinna@vinschen.de>
+
+	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request
+	query_write_dac rather than query_write_control access when writing
+	an ACL.  Fix a comment.
+
 2015-12-24  Corinna Vinschen  <corinna@vinschen.de>

 	* sec_acl.cc (__aclcalcmask): New function to recalculate ACL masks.
--- a/winsup/cygwin/fhandler_disk_file.cc
+++ b/winsup/cygwin/fhandler_disk_file.cc
@ -742,7 +742,7 @@ fhandler_disk_file::fchmod (mode_t mode)
      query_open (query_write_dac);
      if (!(oret = open (O_BINARY, 0)))
 	{
-	  /* Need WRITE_DAC|WRITE_OWNER to write ACLs. */
+	  /* Need WRITE_DAC to write ACLs. */
 	  if (pc.has_acls ())
 	    return -1;
 	  /* Otherwise FILE_WRITE_ATTRIBUTES is sufficient. */
@ -1021,7 +1021,7 @@ cant_access_acl:
      if ((cmd == SETACL && !get_handle ())
 	  || (cmd != SETACL && !get_stat_handle ()))
 	{
-	  query_open (cmd == SETACL ? query_write_control : query_read_control);
+	  query_open (cmd == SETACL ? query_write_dac : query_read_control);
 	  if (!(oret = open (O_BINARY, 0)))
 	    {
 	      if (cmd == GETACL || cmd == GETACLCNT)