This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [Patch] Fixing the PROCESS_DUP_HANDLE security hole.


I have run some more tests with a built from cvs this afternoon
and peeked at some of the changes, so here is some feedback.

When a process is terminated from Windows, the reported exit code
is 0. This can easily be fixed by initializing exitcode to
the value it should take when a process is terminated.

If my spawn(P_DETACH) program of yesterday is terminated from 
Windows during the sleep interval, then the parent process does
not notice the termination and keeps waiting.

This can be fixed with my lunch time ideas of yesterday.
Looking at the code, I saw that most of them were already 
implemented. The only changes are:
1) remove child_proc_info->parent_wr_proc_pipe stuff
2) in pinfo::wait, duplicate into non-inheritable wr_proc_pipe
3) make wr_proc_pipe inheritable just before exec
4) make wr_proc_pipe non-inheritable when starting after exec
 (or better? at the first fork or spawn, leaving 2) as currently done)

Comments on pinfo.cc comments:
Delete: "but, unfortunately, reparenting is still needed ..."
        It's really gone, isn't it?
Update: "We could just let this happen automatically when the process.."
        to indicate it's needed by P_DETACH (at least with current code)

Pierre



Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]