This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
Re: [Patch] Fixing the PROCESS_DUP_HANDLE security hole.
At 11:33 PM 11/11/2004 -0500, Christopher Faylor wrote:
>On Thu, Nov 11, 2004 at 10:48:57PM -0500, Pierre A. Humblet wrote:
>>Now that 1.5.12 is out, here is a patch to fix the PROCESS_DUP_HANDLE
>>security hole. It uses a new approach to reparenting: the parent
>>duplicates the exec'ed process handle when signaled by the child.
>
>Can you refresh my memory (a URL is fine) on "the PROCESS_DUP_HANDLE
>security hole"?
It starts with
http://cygwin.com/ml/cygwin-developers/2003-09/msg00078.html
Eventually things were broken down in several patches. The part
about the tty gave rise to your archetype and the abandon of vfork.
Very long story.
>I'm not 100% certain but I think if you cast back into the dim recesses
>of cygwin's past, you might find that this is the way things used to be
>done, to some degree.
The patch relies heavily on your implementation of signals using a pipe,
which allows to carry extra info.
Pierre