From 220e5bc85b469fe1e1092c04241163e6a3b6734f Mon Sep 17 00:00:00 2001 From: Michael Pysson Date: Mon, 21 Oct 2019 19:11:46 -0700 Subject: [PATCH] Fix access control check with scrubbing in NetCore builds. (#1079) --- .../Native/IO/Windows/FileUtilities.Win.cs | 8 -------- .../UnitTests/Storage/FileUtilitiesTests.cs | 19 +++++++++++++++++++ .../Storage/Test.BuildXL.Storage.dsc | 1 + 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/Public/Src/Utilities/Native/IO/Windows/FileUtilities.Win.cs b/Public/Src/Utilities/Native/IO/Windows/FileUtilities.Win.cs index a28e1b0db..0a20d5e02 100644 --- a/Public/Src/Utilities/Native/IO/Windows/FileUtilities.Win.cs +++ b/Public/Src/Utilities/Native/IO/Windows/FileUtilities.Win.cs @@ -1509,7 +1509,6 @@ namespace BuildXL.Native.IO.Windows Contract.Requires(!string.IsNullOrWhiteSpace(path)); path = FileSystemWin.ToLongPathIfExceedMaxPath(path); -#if NET_FRAMEWORK FileSystemRights fileSystemRights = FileSystemRights.WriteData | FileSystemRights.AppendData | @@ -1517,9 +1516,6 @@ namespace BuildXL.Native.IO.Windows FileSystemRights.WriteExtendedAttributes; return CheckFileSystemRightsForPath(path, fileSystemRights); -#else - return true; -#endif } @@ -1529,15 +1525,11 @@ namespace BuildXL.Native.IO.Windows Contract.Requires(!string.IsNullOrWhiteSpace(path)); path = FileSystemWin.ToLongPathIfExceedMaxPath(path); -#if NET_FRAMEWORK FileSystemRights fileSystemRights = FileSystemRights.WriteAttributes | FileSystemRights.WriteExtendedAttributes; return CheckFileSystemRightsForPath(path, fileSystemRights); -#else - return true; -#endif } private bool CheckFileSystemRightsForPath(string path, FileSystemRights fileSystemRights) diff --git a/Public/Src/Utilities/UnitTests/Storage/FileUtilitiesTests.cs b/Public/Src/Utilities/UnitTests/Storage/FileUtilitiesTests.cs index 26f5be6df..a7e674be6 100644 --- a/Public/Src/Utilities/UnitTests/Storage/FileUtilitiesTests.cs +++ b/Public/Src/Utilities/UnitTests/Storage/FileUtilitiesTests.cs @@ -7,6 +7,7 @@ using System.Diagnostics; using System.IO; using System.IO.MemoryMappedFiles; using System.Linq; +using System.Security.AccessControl; using System.Text; using System.Threading.Tasks; using BuildXL.Cache.ContentStore.Interfaces.Extensions; @@ -999,6 +1000,24 @@ namespace Test.BuildXL.Storage XAssert.IsFalse(FileUtilities.DirectoryExistsNoFollow(directorySymlinkPath)); } + [FactIfSupported(requiresWindowsBasedOperatingSystem: true)] + public void HasWritableAccessControlTest() + { + string testFilePath = Path.Combine(TemporaryDirectory, "testFile.txt"); + File.WriteAllText(testFilePath, "hello"); + + XAssert.IsTrue(FileUtilities.HasWritableAccessControl(testFilePath)); + XAssert.IsTrue(FileUtilities.HasWritableAttributeAccessControl(testFilePath)); + + FileUtilities.SetFileAccessControl(testFilePath, FileSystemRights.WriteData, false); + XAssert.IsTrue(FileUtilities.HasWritableAttributeAccessControl(testFilePath)); + XAssert.IsFalse(FileUtilities.HasWritableAccessControl(testFilePath)); + + FileUtilities.SetFileAccessControl(testFilePath, FileSystemRights.WriteAttributes, false); + XAssert.IsFalse(FileUtilities.HasWritableAccessControl(testFilePath)); + XAssert.IsFalse(FileUtilities.HasWritableAttributeAccessControl(testFilePath)); + } + private void AssertNonexistent(Possible maybeFileExistence) => AssertPathExistence(PathExistence.Nonexistent, maybeFileExistence); diff --git a/Public/Src/Utilities/UnitTests/Storage/Test.BuildXL.Storage.dsc b/Public/Src/Utilities/UnitTests/Storage/Test.BuildXL.Storage.dsc index bb7a231a3..6d8fb3ac1 100644 --- a/Public/Src/Utilities/UnitTests/Storage/Test.BuildXL.Storage.dsc +++ b/Public/Src/Utilities/UnitTests/Storage/Test.BuildXL.Storage.dsc @@ -21,6 +21,7 @@ namespace Storage { importFrom("BuildXL.Utilities").Storage.dll, importFrom("BuildXL.Utilities.Instrumentation").Common.dll, importFrom("BuildXL.Utilities").Collections.dll, + ...importFrom("BuildXL.Utilities").Native.securityDlls, ], runtimeContent: [ dummyWaiterExe