This is the mail archive of the cygwin-developers@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: cygwin 1.5.6 release notes - comments needed


Christopher Faylor wrote:
> 
> 
> Corinna, Pierre, could you add some lines detailing your security
> changes and, if needed, flesh out my descriptions of your changes?
> 
> 
> - Protect some shared memory regions against unauthorized access.
> (Pierre Humblet)

That was done already in 1.5.5. This time it's all the bugs
related to "CreateFileMapping Windows error 5.  Terminating"
+ visibility of pinfo. So change to:

- Create shared memory regions in appropriate name space and
  with ACLs explicitly including their owner.

> - Protect tty access from unauthorized users.  (Pierre Humblet,
> Christopher Faylor)

That's a side effect. I would change that to

- Protect tty master processes against unauthorized access.  (Pierre Humblet,
 Christopher Faylor)


Note that on WinME the exim queue runner process, which is forked, scans an
empty directory, then terminates, sometimes dies with a pop up about 
an error in cygwin1.dll. JIT debugging doesn't kick in. It happens with
low frequency (1 out of 500) and may be related to CPU load.
That started about 2 weeks ago and has happened once after the latest changes. 
I have just decreased the queue runner period to 1 min on my NT 4.0 to try to 
catch it there. 

Pierre


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]