[Patch] Fixing the PROCESS_DUP_HANDLE security hole.
Christopher Faylor
cgf-no-personal-reply-please@cygwin.com
Fri Dec 24 15:39:00 GMT 2004
On Fri, Dec 24, 2004 at 08:40:29AM -0500, Pierre A. Humblet wrote:
>At 12:54 AM 12/24/2004 -0500, Pierre A. Humblet wrote:
>I think the way out is as follows:
>Toward the end of spawn_guts:
>
>ciresrv.sync (myself, INFINITE); [always]
>
>if (wait_for_myself)
> waitpid (myself->pid, &dummy, 0);
> [For clarity, these two lines should be brought down
> inside the case _P_OVERLAY: ]
Yes, I thought of this last night as I was trying to sleep. It also
dawned on me that I need to synchronize wr_proc_pipe any time it is
used. Otherwise an exec followed by a quick SIGSTOP may not work.
I almost got up to make these changes but, instead, I just dreamed
about them all night and had a crappy night's sleep.
The change to pinfo::exit didn't occur to me but it is logical. I
have made that change.
cgf
More information about the Cygwin-patches
mailing list