This is the mail archive of the cygwin-patches mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH 4/6] forkables: Protect fork against dll-, exe-updates.


On Mar 30 21:12, Michael Haubenwallner wrote:
> On 03/30/2016 09:04 PM, Yaakov Selkowitz wrote:
> > On 2016-03-30 13:53, Michael Haubenwallner wrote:
> >> To support in-cygwin package managers, the fork() implementation must
> >> not rely on .exe and .dll files to stay in their original location, as
> >> the package manager's job is to replace these files.  Instead, we use
> >> the hardlinks to the original binaries in /var/run/cygfork/ to create
> >> the child process during fork, and let the main.exe.local file enable
> >> the "DotLocal Dll Redirection" feature for dlls.
> >>
> >> The (probably few) users that need an update-safe fork manually have to
> >> create the /var/run/cygfork/ directory for now, using:
> >> mkdir --mode=a=rwxt /var/run/cygfork
> > 
> > Have the security implications of this been considered?
> 
> Which security implications do you think of?
> 
> Removed but in-use binaries are available in the recycle bin anyway,
> and can manually be hardlinked to wherever one likes...

Permissions on the parent dirs and the files are always an issue...


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: signature.asc
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]