[Patch] Fixing the PROCESS_DUP_HANDLE security hole.
Christopher Faylor
cgf-no-personal-reply-please@cygwin.com
Fri Nov 12 04:33:00 GMT 2004
On Thu, Nov 11, 2004 at 10:48:57PM -0500, Pierre A. Humblet wrote:
>Now that 1.5.12 is out, here is a patch to fix the PROCESS_DUP_HANDLE
>security hole. It uses a new approach to reparenting: the parent
>duplicates the exec'ed process handle when signaled by the child.
Can you refresh my memory (a URL is fine) on "the PROCESS_DUP_HANDLE
security hole"?
I'm not 100% certain but I think if you cast back into the dim recesses
of cygwin's past, you might find that this is the way things used to be
done, to some degree.
cgf
More information about the Cygwin-patches
mailing list