summaryrefslogtreecommitdiff
path: root/usr/src/common/acl/acl_common.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/common/acl/acl_common.c')
-rw-r--r--usr/src/common/acl/acl_common.c16
1 files changed, 12 insertions, 4 deletions
diff --git a/usr/src/common/acl/acl_common.c b/usr/src/common/acl/acl_common.c
index 6cfcb77937..ac73beace3 100644
--- a/usr/src/common/acl/acl_common.c
+++ b/usr/src/common/acl/acl_common.c
@@ -20,7 +20,7 @@
*/
/*
* Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
- * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
+ * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
*/
#include <sys/types.h>
@@ -1578,7 +1578,8 @@ acl_trivial_access_masks(mode_t mode, boolean_t isdir, trivial_acl_t *masks)
uint32_t write_mask = ACE_WRITE_DATA|ACE_APPEND_DATA;
uint32_t execute_mask = ACE_EXECUTE;
- (void) isdir; /* will need this later */
+ if (isdir)
+ write_mask |= ACE_DELETE_CHILD;
masks->deny1 = 0;
if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
@@ -1722,10 +1723,17 @@ ace_trivial_common(void *acep, int aclcnt,
return (1);
/*
- * Delete permissions are never set by default
+ * Delete permission is never set by default
+ */
+ if (mask & ACE_DELETE)
+ return (1);
+
+ /*
+ * Child delete permission should be accompanied by write
*/
- if (mask & (ACE_DELETE|ACE_DELETE_CHILD))
+ if ((mask & ACE_DELETE_CHILD) && !(mask & ACE_WRITE_DATA))
return (1);
+
/*
* only allow owner@ to have
* write_acl/write_owner/write_attributes/write_xattr/
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-14 06:52:22 +0000