This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Now that 1.5.12 is out, here is a patch to fix the PROCESS_DUP_HANDLE security hole. It uses a new approach to reparenting: the parent duplicates the exec'ed process handle when signaled by the child. It also handles correctly the case of a quick re-exec (2 simultaneous reparenting), which is a weak point of the current version. Pierre P.S.: I have no news about the recent patch to /bin/kill -f 2004-11-12 Pierre Humblet <pierre.humblet@ieee.org> * pinfo.h (_pinfo::isreparenting): New element. (_pinfo::ppid_sendsig): Ditto. (_pinfo::exit): Suppress second argument. * child_info.h: Update CURR_CHILD_INFO_MAGIC. (child_info::pppid_sendsig): New element. * sigproc.h: Add __SIGREPARENT. (enum procstuff): Add PROC_REPARENT. * pinfo.cc (_pinfo::exit): Suppress second argument. If required, send reparenting signal and wait. * spawn.cc (spawn_guts): Implement new reparenting strategy. * sigproc.cc (proc_subproc): Reduce access to vchild->pid_handle and vchild->ppid_handle. Set ppid_sendsig by duplication. Add PROC_REPARENT case and simplify PROC_CHILDTERMINATED case. (sig_send): Use ppid_sendsig to signal parent. (init_child_info): Set pppid_sendsig. (wait_sig): Add __SIGREPARENT case. * dcrto.cc (dll_crt0_0): Close pppid_sendsig.
Attachment:
reparent.diff
Description: Text document
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |