This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [Patch] Fixing the PROCESS_DUP_HANDLE security hole.

On Sun, Nov 14, 2004 at 12:11:58AM -0500, Christopher Faylor wrote:
>When I get the code to a point that it can run configure, I'll do a
>benchmark and see how bad this technique is.  If there is not a
>noticeable degradation, I think I'll probably duplicate the scenario of
>last year and checkin this revamp which, I believe will eliminate the
>security problem that you were talking about.

Well, my initial implementation was a little slower than 1.5.12, which
was encouraging since there was still stuff that I could do to speed
things up.  For instance, it occurred to me that all of the
synchronization in spawn_guts and waitsig could go away (with one
exception), so I got rid of it.

And, things got a little slower.

So, I realized that I could get rid of a thread synchronization problem
by always putting the pinfo for the new process in an static array.
This also eliminated the need to do anything other than send a signal
when the child was stopped or terminated.

I was getting pretty excited about all of the code that was disappearing
until I ran the benchmark.

Yep.  Things are *a lot* slower now.

Time for bed and dreams about threads and processes...

cgf
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]