This is the mail archive of the cygwin-developers@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

security hole in tty handling code


Hi!

  currently process owning master side of pty removes all security
protections from itself to allow children duplicate tty pipe handles.
i was feeling a bit- uneasy knowing that any user can call
OpenProcess() for inetd daemon running under LocalSystem account and
WriteProcessMemory() to it.

  so i've written a small program acting as server, which receives
requests from cygwin process wanting to open slave side of tty, checks
if client have needed permissions and duplicates pipe handles for it.
patch sent to cygwin-patches.

  i realize that it's rather substantial change in cygwin
architecture, but i think it's essential one if we want to make cygwin
in multi-user environment.

comments?

egor.            mailto:deo@logos-m.ru icq 5165414 fidonet 2:5020/496.19



Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]