[Patch] Fixing the PROCESS_DUP_HANDLE security hole.
Igor Pechtchanski
pechtcha@cs.nyu.edu
Mon Nov 22 18:20:00 GMT 2004
On Mon, 22 Nov 2004, Christopher Faylor wrote:
> On Mon, Nov 22, 2004 at 12:46:46PM -0500, Igor Pechtchanski wrote:
> >Can the code simply propagate the actual exit code into the exitcode
> >field (since Windows programs don't know about signals)?
>
> And who would use it? How would a UNIX program know that the "negative"
> exit code represented a windows error code? A UNIX program would
> interpret the low order bytes as indicating a signal number and would
> think that there was a core dump if the appropriate bit was set. The
> exitcode field is just for use by the cygwin DLL. There is no way for a
> UNIX program to get more than eight bits (seven bits for signals) of
> exit code from a process.
Isn't that exactly what I said in the part that was snipped? As long as
ant (as a Cygwin shell script), for example, can rely on handling Java
programs that exit with code 1 or 2 (as opposed to 0), it should be fine.
I don't think any portable program uses negative exit codes for anything
other than indicating some sort of failure (for which a positive exit code
would do just fine). And I don't think we should care about non-portable
scripts/programs.
Igor
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha@cs.nyu.edu
ZZZzz /,`.-'`' -. ;-;;,_ igor@watson.ibm.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"The Sun will pass between the Earth and the Moon tonight for a total
Lunar eclipse..." -- WCBS Radio Newsbrief, Oct 27 2004, 12:01 pm EDT
More information about the Cygwin-patches
mailing list