problem with readonly pinfo?
Pierre A. Humblet
Pierre.Humblet@ieee.org
Wed Sep 17 01:25:00 GMT 2003
At 08:42 PM 9/16/2003 -0400, Christopher Faylor wrote:
>If I as a process group leader fork/exec a process, it doesn't seem like
>there's any way to distribute signals to the suid'ed subprocess since
>the shared memory region (or eventually pipe) for the subprocess will be
>inaccessible.
>
>Is there a way to play around with the security descriptor to fake process
>groups? Also, isn't the owner of a process always allowed to send the
process
>a control-C even if the owner is different than the uid of the process being
>run?
Sorry I couldn't answer more completely the first time.
I would have added that the acl of pinfo is basically the same as that
of the current semaphore/event, + read for Everybody. So signal
transmission will not be any worse than today.
About your last question, I am not sure I understand. The "uid of the process
being run" (after setuid, I assume) is really the sid of the thread that is
impersonated. It appears that an impersonated thread can keep using the
handles
openened before impersonation but cannot e.g. duplicate them.
At worse you may have to desimpersonate/reimpersonate to deliver a control-C
to a process for an impersonated thread.
Pierre
More information about the Cygwin-developers
mailing list