This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
Re: [Patch] Fixing the PROCESS_DUP_HANDLE security hole.
On Fri, Dec 24, 2004 at 08:40:29AM -0500, Pierre A. Humblet wrote:
>At 12:54 AM 12/24/2004 -0500, Pierre A. Humblet wrote:
>I think the way out is as follows:
>Toward the end of spawn_guts:
>
>ciresrv.sync (myself, INFINITE); [always]
>
>if (wait_for_myself)
> waitpid (myself->pid, &dummy, 0);
> [For clarity, these two lines should be brought down
> inside the case _P_OVERLAY: ]
Yes, I thought of this last night as I was trying to sleep. It also
dawned on me that I need to synchronize wr_proc_pipe any time it is
used. Otherwise an exec followed by a quick SIGSTOP may not work.
I almost got up to make these changes but, instead, I just dreamed
about them all night and had a crappy night's sleep.
The change to pinfo::exit didn't occur to me but it is logical. I
have made that change.
cgf