We should never just assign an st_mode to an ace->perms field, theoretically

they are different so should go through a mapping function. Ensure this is so.

Practically this does not matter, as for user permissions the mapping
function is an identity, and the extra bits we may add are ignored
anyway, but this makes the intent clear.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct  6 03:04:14 CEST 2012 on sn-devel-104

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index cc953fdfa929bbd092b9008b20c6557171e589d7..45a921f747c70e844c323346960bbc77b7201287 100644 (file)
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1506,9 +1506,9 @@ static bool ensure_canon_entry_valid_on_set(connection_struct *conn,
                pace->unix_ug.id = pst->st_ex_uid;
                pace->trustee = *pfile_owner_sid;
                pace->attr = ALLOW_ACE;
-               /* Start with existing permissions, principle of least
+               /* Start with existing user permissions, principle of least
                   surprises for the user. */
-               pace->perms = pst->st_ex_mode;
+               pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRUSR, S_IWUSR, S_IXUSR);
 
                /* See if the owning user is in any of the other groups in
                   the ACE, or if there's a matching user entry (by uid