[Patch]: Fixing the PROCESS_DUP_HANDLE security hole (part 1).

Christopher Faylor cgf-no-personal-reply-please@cygwin.com
Tue Dec 9 05:08:00 GMT 2003

On Mon, Dec 08, 2003 at 11:36:01PM -0500, Christopher Faylor wrote:
>I would have but the information that the fhandler contains the
>controlling tty is lost by the time dup is called.  Hmm.  I guess I
>could just check the io_handle.  I'll do that.

I did this but, in testing, found that there are still other problems
with setsid assuming that it can close the cygheap ctty when there may
still be open fds which wouldn't like that to happen.

I'll work on that tomorrow.


More information about the Cygwin-patches mailing list