[Patch] Fixing the PROCESS_DUP_HANDLE security hole.

Christopher Faylor cgf-no-personal-reply-please@cygwin.com
Sat Nov 20 06:23:00 GMT 2004


Here's the good news/bad news.

On Tue, Nov 16, 2004 at 10:56:40AM -0500, Christopher Faylor wrote:
>The simplification of the code from removing all of the reparenting
>considerations is not something that I'm going to give up on easily.

Well, the code seems to be slightly faster now than the old method,
so that's something.  I think it's also a lot simpler.

There are some ancillary benefits of this new approach.  I've fixed the
old problem where if you run a process from a windows command prompt and
that process execs another process and it execs another process, each
process will wait around into the final process in the chain dies.

I've also added an 'exitcode' field to _pinfo so that a Cygwin process
will set the error code in a UNIX fashion based on whether it is exiting
due to a signal or with a normal exit().  Unfortunately, this means that
I don't know quite what to do with exit codes from Windows processes.
This is the last remaining problem before I check things in.  This
problem just occurred to me as I was typing in the ChangeLog and it may
be the one reason why you actually need to do the reparenting tango.

What do you want to bet that someone is relying on exit codes from a
non-cygwin java program?  Blech.

cgf



More information about the Cygwin-patches mailing list