This is the mail archive of the cygwin-developers@cygwin.com mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Fixing the PROCESS_DUP_HANDLE security hole.

At 11:46 AM 9/28/2003 -0400, you wrote:
>On Sat, Sep 27, 2003 at 09:24:10PM -0400, Christopher Faylor wrote:
>>Somehow I seem to remember that didn't work (even though I can't imagine
>>why) but I wasn't clever enough to document why.  I guess it can't hurt
>>to try it, advertise a snapshot, and ask for feedback.
>
>I've checked in the ppid_handle change (attributed to Pierre) and am
generating
>a snapshot now.

Thanks Chris, but I am still not sure I am getting my point across:
from a security point of view, giving PROCESS_DUP_HANDLE access is
equivalent to giving full access. The patch has the merit of making the
access explicit, but it doesn't improve security.
Anybody who logs in over the network with Cygwin can still take control of 
his/her SYSTEM parent.

Pierre
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]