From c9b0c415fd752a80d7540e3ff75768b7ce1d70cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= Date: Thu, 22 May 2014 09:01:37 +0200 Subject: [PATCH] Decoded the GENERIC_ALL flag in secaudit The GENERIC_ALL flags was not decoded and could lead to displaying no access to some directories. --- src/secaudit.c | 2 ++ src/secaudit.h | 14 ++++++++------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/secaudit.c b/src/secaudit.c index ca2264f5..b419047b 100644 --- a/src/secaudit.c +++ b/src/secaudit.c @@ -206,6 +206,8 @@ * * Sep 2013, version 1.4.1 * - silenced an aliasing warning by gcc >= 4.8 + * + * - decoded GENERIC_ALL permissions */ /* diff --git a/src/secaudit.h b/src/secaudit.h index ce59d683..a8ad163f 100644 --- a/src/secaudit.h +++ b/src/secaudit.h @@ -561,12 +561,14 @@ enum { /* flags tested for meaning exec, write or read */ /* tests for write allow for interpretation of a sticky bit */ -#define FILE_GREAD (FILE_READ_DATA | GENERIC_READ) -#define FILE_GWRITE (FILE_WRITE_DATA | FILE_APPEND_DATA | GENERIC_WRITE) -#define FILE_GEXEC (FILE_EXECUTE | GENERIC_EXECUTE) -#define DIR_GREAD (FILE_LIST_DIRECTORY | GENERIC_READ) -#define DIR_GWRITE (FILE_ADD_FILE | FILE_ADD_SUBDIRECTORY | GENERIC_WRITE) -#define DIR_GEXEC (FILE_TRAVERSE | GENERIC_EXECUTE) +#define FILE_GREAD (FILE_READ_DATA | GENERIC_READ | GENERIC_ALL) +#define FILE_GWRITE (FILE_WRITE_DATA | FILE_APPEND_DATA | GENERIC_WRITE \ + | GENERIC_ALL) +#define FILE_GEXEC (FILE_EXECUTE | GENERIC_EXECUTE | GENERIC_ALL) +#define DIR_GREAD (FILE_LIST_DIRECTORY | GENERIC_READ | GENERIC_ALL) +#define DIR_GWRITE (FILE_ADD_FILE | FILE_ADD_SUBDIRECTORY | GENERIC_WRITE \ + | GENERIC_ALL) +#define DIR_GEXEC (FILE_TRAVERSE | GENERIC_EXECUTE | GENERIC_ALL) /* standard owner (and administrator) rights */