This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
AF_UNIX relaxed security patch
- To: Cygwin-Patches <cygwin-patches at sources dot redhat dot com>
- Subject: AF_UNIX relaxed security patch
- From: Jason Tishler <jason at tishler dot net>
- Date: Thu, 16 Aug 2001 10:07:25 -0400
- Cc: Markus Hoenicka <Markus dot Hoenicka at uth dot tmc dot edu>
I believe that the following patch:
http://www.cygwin.com/ml/cygwin-cvs/2001-q3/msg00056.html
and specifically this portion:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/winsup/cygwin/fhandler_socket.cc.diff?cvsroot=uberbaum&r1=1.12&r2=1.13
is preventing PostgreSQL AF_UNIX socket clients from being able to
connect to postmaster when it is running under a different user account.
This lead to the following bug report on the Cygwin mailing list:
http://sources.redhat.com/ml/cygwin/2001-08/msg00018.html
The attached patch relaxes the security so that this problem is mitigated.
However, I admit to not fully grokking the security ramification of
my change. Did I open up access to secret_event too much? Is there a
better way to fix this problem?
Thanks,
Jason
Index: fhandler_socket.cc
===================================================================
RCS file: /cvs/src/src/winsup/cygwin/fhandler_socket.cc,v
retrieving revision 1.16
diff -u -p -r1.16 fhandler_socket.cc
--- fhandler_socket.cc 2001/08/15 07:49:15 1.16
+++ fhandler_socket.cc 2001/08/15 17:58:47
@@ -101,7 +101,7 @@ fhandler_socket::create_secret_event (in
__small_sprintf (buf, SECRET_EVENT_NAME, sin.sin_port,
secret_ptr [0], secret_ptr [1],
secret_ptr [2], secret_ptr [3]);
- secret_event = CreateEvent (get_inheritance (), FALSE, FALSE, buf);
+ secret_event = CreateEvent (get_inheritance(true), FALSE, FALSE, buf);
if (!secret_event && GetLastError () == ERROR_ALREADY_EXISTS)
secret_event = OpenEvent (EVENT_ALL_ACCESS, FALSE, buf);
@@ -136,7 +136,7 @@ fhandler_socket::check_peer_secret_event
__small_sprintf (buf, SECRET_EVENT_NAME, peer->sin_port,
secret_ptr [0], secret_ptr [1],
secret_ptr [2], secret_ptr [3]);
- ev = CreateEvent (&sec_none_nih, FALSE, FALSE, buf);
+ ev = CreateEvent (&sec_all_nih, FALSE, FALSE, buf);
if (!ev && GetLastError () == ERROR_ALREADY_EXISTS)
{
debug_printf ("%s event already exist");
Thu Aug 16 09:38:59 2001 Jason Tishler <jason@tishler.net>
* fhandler_socket.cc (fhandler_socket::create_secret_event): Relax
security of secret_event so AF_UNIX socket clients can connect to
servers even if running under a different user account.
(fhandler_socket::check_peer_secret_event): Ditto.