Processed ACLs with no mentioned rights for owner (used by Windows8)

Windows 8 uses ACL patterns in which the owner has only implicit rights
(pattern not used by previous Windows versions)

libntfs-3g/acls.c

@@ -3096,6 +3096,7 @@ static int build_owngrp_permissions(const char *securattr,
 	int nace;
 	le32 special;
 	BOOL grppresent;
+	BOOL ownpresent;
 	le32 allowown, allowgrp, allowall;
 	le32 denyown, denygrp, denyall;
 
@@ -3105,6 +3106,7 @@ static int build_owngrp_permissions(const char *securattr,
 	special = const_cpu_to_le32(0);
 	allowown = allowgrp = allowall = const_cpu_to_le32(0);
 	denyown = denygrp = denyall = const_cpu_to_le32(0);
+	ownpresent = FALSE;
 	grppresent = FALSE;
 	if (offdacl) {
 		acecnt = le16_to_cpu(pacl->ace_count);
@@ -3117,9 +3119,11 @@ static int build_owngrp_permissions(const char *securattr,
 			if ((ntfs_same_sid(usid, &pace->sid)
 			   || ntfs_same_sid(ownersid, &pace->sid))
 			    && (pace->mask & WRITE_OWNER)) {
-				if (pace->type == ACCESS_ALLOWED_ACE_TYPE)
+				if (pace->type == ACCESS_ALLOWED_ACE_TYPE) {
 					allowown |= pace->mask;
-				} else
+					ownpresent = TRUE;
+				}
+			} else
 				if (ntfs_same_sid(usid, &pace->sid)
 				   && (!(pace->mask & WRITE_OWNER))) {
 					if (pace->type == ACCESS_ALLOWED_ACE_TYPE) {
@@ -3140,6 +3144,8 @@ static int build_owngrp_permissions(const char *securattr,
 			}
 			offace += le16_to_cpu(pace->size);
 		}
+	if (!ownpresent)
+		allowown = allowall;
 	if (!grppresent)
 		allowgrp = allowall;
 	return (merge_permissions(isdir,

src/secaudit.c

@@ -569,8 +569,21 @@ static const char worldsidbytes[] = {
 } ;
 static const SID *worldsid = (const SID*)worldsidbytes;
 
+/*	        
+ *		SID for authenticated user (S-1-5-11)
+ */
+	        
+static const char authsidbytes[] = {
+		1,		/* revision */ 
+		1,		/* auth count */
+		0, 0, 0, 0, 0, 5,	/* base */
+		11, 0, 0, 0	/* 1st level */
+};
+  
+static const SID *authsid = (const SID*)authsidbytes;
+
 /*
- *		SID for administrator
+ *		SID for administrator (S-1-5-32-544)
  */
 
 static const char adminsidbytes[] = {
@@ -583,8 +596,22 @@ static const char adminsidbytes[] = {
 
 static const SID *adminsid = (const SID*)adminsidbytes;
 
+/*
+ *		SID for local users (S-1-5-32-545)
+ */
+
+static const char localsidbytes[] = {
+		1,		/* revision */
+		2,		/* auth count */
+		0, 0, 0, 0, 0, 5,	/* base */
+		32, 0, 0, 0,	/* 1st level */
+		33, 2, 0, 0	/* 2nd level */
+};
+
+static const SID *localsid = (const SID*)localsidbytes;
+
 /*	        
- *		SID for system
+ *		SID for system (S-1-5-18)
  */
 	        
 static const char systemsidbytes[] = {
@@ -3375,7 +3402,7 @@ void check_samples()
 		 *	which cannot be generated by Linux
 		 */
 
-	for (cnt=1; cnt<=8; cnt++) {
+	for (cnt=1; cnt<=10; cnt++) {
 		switch(cnt) {
 		case 1 :  /* hp/tmp */
 			isdir = TRUE;
@@ -3473,6 +3500,32 @@ void check_samples()
 			expectacc = expect = 0700;
 			expectdef = 0700;
 			break;
+		case 9 :  /* Win8/bin */
+			isdir = TRUE;
+			descr = build_dummy_descr(isdir,
+				(const SID*)owner3, (const SID*)owner3,
+				6,
+				(int)TRUE, authsid,   (int)0x3,  (u32)0x1f01ff,
+				(int)TRUE, adminsid,  (int)0x13, (u32)0x1f01ff,
+				(int)TRUE, systemsid, (int)0x13, (u32)0x1f01ff,
+				(int)TRUE, localsid,  (int)0x13, (u32)0x1200a9,
+				(int)TRUE, authsid,   (int)0x10, (u32)0x1301bf,
+				(int)TRUE, authsid,   (int)0x1b, (u32)0xe0010000);
+			expectacc = expect = 0777;
+			expectdef = 0777;
+			break;
+		case 10 :  /* Win8/bin/linem.exe */
+			isdir = FALSE;
+			descr = build_dummy_descr(isdir,
+				(const SID*)owner3, (const SID*)owner3,
+				4,
+				(int)TRUE, authsid,   (int)0x10, (u32)0x1f01ff,
+				(int)TRUE, adminsid,  (int)0x10, (u32)0x1f01ff,
+				(int)TRUE, systemsid, (int)0x10, (u32)0x1ff,
+				(int)TRUE, localsid,  (int)0x10, (u32)0x1200a9);
+			expectacc = expect = 0777;
+			expectdef = 0;
+			break;
 		default :
 			expectacc = expectdef = 0;
 			break;