Skip to content

Commit

Permalink
Cygwin: get/set security descriptors using FILE_OPEN_NO_RECALL
Browse files Browse the repository at this point in the history 
Add FILE_OPEN_NO_RECALL to NtOpenFile calls trying to fetch
or write file security descriptors so as not to recall them
from offline storage inadvertently.

Signed-off-by: Corinna Vinschen <[email protected]>
Signed-off-by: Johannes Schindelin <[email protected]>
  • Loading branch information
@github-cygwin @dscho
github-cygwin authored and dscho committed Mar 9, 2024
1 parent da83e4d commit 6380bea
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions winsup/cygwin/sec/base.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd,
fh ? pc.init_reopen_attr (attr, fh)
: pc.get_object_attr (attr, sec_none_nih),
&io, FILE_SHARE_VALID_FLAGS,
FILE_OPEN_FOR_BACKUP_INTENT
FILE_OPEN_NO_RECALL
| FILE_OPEN_FOR_BACKUP_INTENT
| pc.is_known_reparse_point ()
? FILE_OPEN_REPARSE_POINT : 0);
if (!NT_SUCCESS (status))
Expand Down Expand Up @@ -129,7 +130,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd,
NULL, NULL);
status = NtOpenFile (&fh, READ_CONTROL, &attr, &io,
FILE_SHARE_VALID_FLAGS,
FILE_OPEN_FOR_BACKUP_INTENT
FILE_OPEN_NO_RECALL
| FILE_OPEN_FOR_BACKUP_INTENT
| FILE_OPEN_REPARSE_POINT);
if (!NT_SUCCESS (status))
{
Expand Down Expand Up @@ -234,7 +236,8 @@ set_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, bool is_chown)
: pc.get_object_attr (attr, sec_none_nih),
&io,
FILE_SHARE_VALID_FLAGS,
FILE_OPEN_FOR_BACKUP_INTENT
FILE_OPEN_NO_RECALL
| FILE_OPEN_FOR_BACKUP_INTENT
| pc.is_known_reparse_point ()
? FILE_OPEN_REPARSE_POINT : 0);
if (!NT_SUCCESS (status))
Expand Down

0 comments on commit 6380bea

Please sign in to comment.