summaryrefslogtreecommitdiff
path: root/lib/chef/file_access_control
diff options
context:
space:
mode:
Diffstat (limited to 'lib/chef/file_access_control')
-rw-r--r--lib/chef/file_access_control/windows.rb6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/chef/file_access_control/windows.rb b/lib/chef/file_access_control/windows.rb
index 2c6b69c257..dc0e4444c3 100644
--- a/lib/chef/file_access_control/windows.rb
+++ b/lib/chef/file_access_control/windows.rb
@@ -90,11 +90,13 @@ class Chef
target_acl.each do |target_ace|
if target_ace.flags & INHERIT_ONLY_ACE == 0
self_ace = target_ace.dup
- self_ace.flags = 0
+ if target_ace.mask != Chef::ReservedNames::Win32::API::Security::WRITE_CONTROL
+ self_ace.flags = 0
+ end
self_ace.mask = securable_object.predict_rights_mask(target_ace.mask)
new_target_acl << self_ace
end
- if target_ace.flags & (CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE) != 0
+ if target_ace.mask != Chef::ReservedNames::Win32::API::Security::WRITE_CONTROL && target_ace.flags & (CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE) != 0
children_ace = target_ace.dup
children_ace.flags |= INHERIT_ONLY_ACE
new_target_acl << children_ace
View Lorry Controller Status