changeset 1070:f110a3f6e387

(issue114) Fine tune ACL propagation. Using mkdir_p, the ACL of the parent directories would propagate to all subdirectories and objects in the directory. Now we only use ACL propagation in the last directory to make sure that files we might create in that directory inherit the correct (restricted) ACL.
author Andre Heinecke <andre.heinecke@intevation.de>
date Wed, 10 Sep 2014 16:41:36 +0200 (2014-09-10)
parents 709a7633a2c6
children fc4e1fe4e4d4
files cinst/mozilla.c cinst/nssstore_win.c common/portpath.c common/portpath.h common/util.c common/util.h
diffstat 6 files changed, 35 insertions(+), 14 deletions(-) [+]
--- a/cinst/mozilla.c	Wed Sep 10 16:31:49 2014 +0200
+++ b/cinst/mozilla.c	Wed Sep 10 16:41:36 2014 +0200
@@ -420,7 +420,7 @@
           else
             {
               /* Lets create it */
-              if (!port_mkdir_p(profile_dir))
+              if (!port_mkdir_p(profile_dir, true))
                 {
                   ERRORPRINTF ("Failed to create directory: '%s'\n", profile_dir);
                   xfree(profile_dir);
@@ -455,7 +455,7 @@
     {
 #ifndef _WIN32
       /* NSS Shared db does not exist under windows. */
-      if (!port_mkdir_p(NSSSHARED_GLOBAL))
+      if (!port_mkdir_p(NSSSHARED_GLOBAL, false))
         {
           ERRORPRINTF("Failed to create nssshared skeleton directory. \n");
         }
--- a/cinst/nssstore_win.c	Wed Sep 10 16:31:49 2014 +0200
+++ b/cinst/nssstore_win.c	Wed Sep 10 16:41:36 2014 +0200
@@ -854,7 +854,7 @@
      it might be a symlink to another place that a users
      wants us to grant read access to or makes us overwrite
      something */
-  if(!create_restricted_directory (path))
+  if(!create_restricted_directory (path, true))
     {
       ERRORPRINTF ("Failed to create directory\n");
       xfree(path);
--- a/common/portpath.c	Wed Sep 10 16:31:49 2014 +0200
+++ b/common/portpath.c	Wed Sep 10 16:41:36 2014 +0200
@@ -8,6 +8,7 @@
 #include "portpath.h"
 #include "strhelp.h"
 #include "util.h"
+#include "logging.h"
 
 #include <libgen.h>
 #include <limits.h>
@@ -39,9 +40,13 @@
 }
 
 bool
-port_mkdir(const char *path)
+port_mkdir(const char *path, bool propagate_acl)
 {
 #ifndef _WIN32
+  if (propagate_acl)
+    {
+      DEBUGPRINTF("WARNING: ACL propagation only has an effect on Windows.\n");
+    }
   return mkdir(path, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH) == 0;
 #else
   wchar_t *wchar_path = utf8_to_wchar(path, strlen(path));
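Review bot: The new `DEBUGPRINTF("WARNING: ...")` at L63 will fire on every non-Windows call that passes `true`, yet the header in this changeset documents `propagate_acl` as "only has an effect on Windows", so callers are entitled to pass `true` unconditionally (mozilla.c does, at L19 of this changeset). A documented no-op should not be logged as a warning on each call; either drop the branch and mark the parameter used with `(void)propagate_acl;` in the `#ifndef _WIN32` arm, or downgrade the message to plain debug output without the WARNING prefix. If the message is dropped, the `#include "logging.h"` added in the previous hunk becomes unnecessary as far as this changeset shows. port_mkdir's body continues past the end of the hunk.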
@@ -51,7 +56,7 @@
     {
       return false;
     }
-  ret = create_restricted_directory (wchar_path);
+  ret = create_restricted_directory (wchar_path, propagate_acl);
   xfree (wchar_path);
   return ret;
 #endif
@@ -90,7 +95,7 @@
 }
 
 bool
-port_mkdir_p(const char *path)
+port_mkdir_p(const char *path, bool propagate_acl)
 {
   char *parent_path,
        *p;
@@ -113,9 +118,9 @@
   *p = '\0';
   if (!port_isdir(parent_path))
     {
-      port_mkdir_p(parent_path);
+      port_mkdir_p(parent_path, false);
     }
-  return port_mkdir(path);
+  return port_mkdir(path, propagate_acl);
 }
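Review bot: The result of the recursive `port_mkdir_p(parent_path, false)` at L91 is discarded, so a failure to create a parent directory is only detected indirectly when the final `port_mkdir(path, propagate_acl)` fails, and the caller never learns which level failed. Returning the failure explicitly, `if (!port_mkdir_p(parent_path, false)) return false;`, makes the contract documented in portpath.h ("true if the directory was created") hold at every level; port_mkdir_p's body begins outside the hunk, so whatever cleanup `parent_path` needs before such an early return (it is modified through `p` at L87, so it looks like a private copy) is not visible here and must be added accordingly.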
 
 bool
--- a/common/portpath.h	Wed Sep 10 16:31:49 2014 +0200
+++ b/common/portpath.h	Wed Sep 10 16:41:36 2014 +0200
@@ -61,15 +61,25 @@
  * to create a directory that is world readable and
  * writable by the current user / group
  * @param[in] path the path to the directory
+ * @param[in] propagate_acl weather or not objects should inherit
+ * the ACL of this directory. Only has an effect on Windows.
  * @returns true if the directory was created
  */
-bool port_mkdir(const char *path);
+bool port_mkdir(const char *path, bool propagate_acl);
 
 /**
  * @brief create a directory and its parent directores
+ *
+ * On Windows the last directory will propagate it's ACL
+ * to objects and subdirectories. The parent directories
+ * will not.
+ *
+ * @param[in] propagate_acl weather or not the
+ * last created directory should propagate it's acl.
+ * Only has an effect on Windows.
  * @param[in] path the path to the directory
  * @returns true if the directory was created
  */
-bool port_mkdir_p(const char *path);
+bool port_mkdir_p(const char *path, bool propagate_acl);
 
 #endif
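Review bot: The new documentation has spelling slips that will end up in the generated API docs: "weather" should be "whether" at L104 and L118, and "it's" should be "its" at L114 and L119. The new paragraph at L114-L116 also states the propagation unconditionally, although per the `@param` text it only happens when `propagate_acl` is true; a wording that matches the code is "On Windows, when propagate_acl is true, the last directory propagates its ACL to objects and subdirectories created in it; the parent directories never do." Finally, the `@param[in] propagate_acl` entry for port_mkdir_p (L118) is listed before `@param[in] path` (L121), reversing the order of the signature at L125; swapping the two entries keeps the docs aligned with the declaration.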
--- a/common/util.c	Wed Sep 10 16:31:49 2014 +0200
+++ b/common/util.c	Wed Sep 10 16:41:36 2014 +0200
@@ -655,7 +655,7 @@
 
 #ifdef WIN32
 bool
-create_restricted_directory (LPWSTR path)
+create_restricted_directory (LPWSTR path, bool objects_should_inherit)
 {
   bool retval = false;
   PSID everyone_SID = NULL,
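Review bot: The definition names the new parameter `objects_should_inherit` (L135) while the declaration in util.h of this same changeset names it `propagate_acl`, so the `@param[in] propagate_acl` documentation on the declaration refers to a name that does not appear in the definition, and readers jumping between the two must map the names themselves. Using the same identifier in both places, `create_restricted_directory (LPWSTR path, bool propagate_acl)`, keeps the Doxygen parameter documentation attached to the actual parameter; the callers in portpath.c and nssstore_win.c are unaffected. The function body continues past the end of the hunk.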
@@ -685,7 +685,9 @@
      to allow everyone read access */
   explicit_access[0].grfAccessPermissions = GENERIC_READ; /* Give read access */
   explicit_access[0].grfAccessMode = SET_ACCESS; /* Overwrite other access for all users */
-  explicit_access[0].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT; /* make it stick */
+  explicit_access[0].grfInheritance = objects_should_inherit ?
+                                      SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */
+                                      NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */
   explicit_access[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
   explicit_access[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
   explicit_access[0].Trustee.ptstrName  = (LPTSTR) everyone_SID;
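Review bot: `NO_PROPAGATE_INHERIT_ACE` by itself at L146 (and again at L157 in the next hunk) does not express "don't inherit": as far as I recall the AccCtrl.h semantics, that flag only modifies an ACE that also carries OBJECT_INHERIT_ACE or CONTAINER_INHERIT_ACE, telling the system to strip those flags once the ACE has been inherited one level. With neither inheritance flag set the ACE is simply non-inheritable, so the effective behaviour should match the intent, but the constant that states that intent directly is `NO_INHERITANCE`; `explicit_access[0].grfInheritance = objects_should_inherit ? SUB_CONTAINERS_AND_OBJECTS_INHERIT : NO_INHERITANCE;` and the same for `explicit_access[1]`. Worth confirming against the EXPLICIT_ACCESS documentation before changing, and the "Don't inherit" comments then read literally.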
@@ -706,7 +708,9 @@
      it to the children */
   explicit_access[1].grfAccessPermissions = GENERIC_ALL;
   explicit_access[1].grfAccessMode = SET_ACCESS;
-  explicit_access[1].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT;
+  explicit_access[1].grfInheritance = objects_should_inherit ?
+                                      SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */
+                                      NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */
   explicit_access[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
   explicit_access[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
   explicit_access[1].Trustee.ptstrName = (LPTSTR) admin_SID;
--- a/common/util.h	Wed Sep 10 16:31:49 2014 +0200
+++ b/common/util.h	Wed Sep 10 16:41:36 2014 +0200
@@ -131,10 +131,12 @@
   * http://msdn.microsoft.com/en-us/library/windows/desktop/aa446595%28v=vs.85%29.aspx
   *
   * @param[in] path Path of the directory to create
+  * @param[in] propagate_acl weather or not objects should inherit
+  * the ACL of this directory.
   *
   * @returns true on success of if the directory exists, false on error
   */
-bool create_restricted_directory (LPWSTR path);
+bool create_restricted_directory (LPWSTR path, bool propagate_acl);
 
 /**@briefu Check the integrity level of the token
   *
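Review bot: "weather" at L167 should be "whether". The `@param` text also leaves the false case implicit; given the util.c change in this changeset, where the non-inheriting ACEs apply to the created directory only, a fuller entry would be "@param[in] propagate_acl whether objects and subdirectories created in the directory should inherit its ACL; when false the ACEs apply to the directory itself only."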
