server: Include groups in file mode calculation if the security descriptor matches the current user.
diff --git a/server/file.c b/server/file.c
index fcfd572..07dab39 100644
--- a/server/file.c
+++ b/server/file.c
@@ -505,15 +505,15 @@
{
denied_mode |= (mode << 6) | (mode << 3) | mode; /* all */
}
- else if (security_equal_sid( sid, owner ))
- {
- denied_mode |= (mode << 6); /* user only */
- }
else if ((security_equal_sid( user, owner ) &&
token_sid_present( current->process->token, sid, TRUE )))
{
denied_mode |= (mode << 6) | (mode << 3); /* user + group */
}
+ else if (security_equal_sid( sid, owner ))
+ {
+ denied_mode |= (mode << 6); /* user only */
+ }
break;
case ACCESS_ALLOWED_ACE_TYPE:
aa_ace = (const ACCESS_ALLOWED_ACE *)ace;
@@ -523,15 +523,15 @@
{
new_mode |= (mode << 6) | (mode << 3) | mode; /* all */
}
- else if (security_equal_sid( sid, owner ))
- {
- new_mode |= (mode << 6); /* user only */
- }
else if ((security_equal_sid( user, owner ) &&
token_sid_present( current->process->token, sid, FALSE )))
{
new_mode |= (mode << 6) | (mode << 3); /* user + group */
}
+ else if (security_equal_sid( sid, owner ))
+ {
+ new_mode |= (mode << 6); /* user only */
+ }
break;
}
}
