[Patch]: Fixing the PROCESS_DUP_HANDLE security hole (part 1).

Christopher Faylor cgf-no-personal-reply-please@cygwin.com
Tue Dec 9 04:36:00 GMT 2003

On Mon, Dec 08, 2003 at 10:46:03PM -0500, Pierre A. Humblet wrote:
>At 10:28 PM 12/8/2003 -0500, Christopher Faylor wrote:
>>On Mon, Dec 08, 2003 at 10:10:10PM -0500, Pierre A. Humblet wrote:
>>>Either myself->set_ctty should be smarter, or fhandler_tty_slave::dup
>>>could see if it's about the ctty and simply copy it.
>>I stared at the set_ctty code a long time trying to understand why it
>>went out of its way to do the ctty dance when there was already a ctty
>>and eventually convinced myself that maybe it was necessary in some
>>cases.  However, I can't see why it would ever be necessary to overwrite
>>the saved ctty so I've checked in a patch that avoids that which, I guess,
>>qualifies as making myself->set_ctty smarter.
>>Does that solve the problem?
>Yes, but now I see another one: open_fhs is off.
>fhandler_tty_slave::close: decremented open_fhs -1

I knew that it did that when exiting but I guess it will do that for the
setsid case, too.

>P.S. I thought you would have chosen to copy the ctty in dup.

I would have but the information that the fhandler contains the
controlling tty is lost by the time dup is called.  Hmm.  I guess I
could just check the io_handle.  I'll do that.
