[Patch] Fixing the PROCESS_DUP_HANDLE security hole.

Pierre A. Humblet pierre@phumblet.no-ip.org
Wed Dec 22 18:44:00 GMT 2004



"Pierre A. Humblet" wrote:
>
> When running try_spawn with the snapshot, during the sleep period
> ps reports
> 
>       690     443     690        232    0 11054 10:32:21 <defunct>
>       464     690     690        464    0 11054 10:32:21 /c/WINNT/system32/notepad

FWIW, I was thinking about this during lunch.
The basic issue is that the pipe to the parent is not closed in the spawned
Windows process. One way out is to make the pipe non-inheritable and
duplicate it either in the parent (fork and spawn, except detach)
or in the child (exec). Now that subproc_ready is back, it doesn't matter
that an exec'ed Windows process does not duplicate the pipe.

Pierre
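The leak described in the message, shown as an added example that is not part of the original post or of Cygwin's code. It is a POSIX analogue: `FD_CLOEXEC` stands in for a non-inheritable Windows handle, and the function name `pipe_leaks_into_exec` and the use of `sleep` as the unaware spawned program are assumptions made for the illustration.

```c
#include <fcntl.h>
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if the exec'ed program still holds the pipe's write end
 * (parent sees no EOF within 1 s), 0 if the parent sees EOF, -1 on error. */
int pipe_leaks_into_exec(int close_on_exec)
{
    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    /* POSIX counterpart of a non-inheritable handle: close-on-exec. */
    if (close_on_exec && fcntl(fds[1], F_SETFD, FD_CLOEXEC) != 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    pid_t pid = fork();
    if (pid < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (pid == 0) {
        close(fds[0]);
        /* Stand-in for a spawned program that never closes the pipe. */
        execlp("sleep", "sleep", "5", (char *)NULL);
        _exit(127);
    }
    close(fds[1]);                     /* parent keeps only the read end */
    struct pollfd p = { .fd = fds[0], .events = POLLIN };
    int n = poll(&p, 1, 1000);         /* all writers gone => POLLHUP */
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    close(fds[0]);
    if (n < 0)
        return -1;
    return n == 0;                     /* timeout: write end still open */
}

int main(void)
{
    printf("inheritable write end leaks:     %d\n", pipe_leaks_into_exec(0));
    printf("non-inheritable write end leaks: %d\n", pipe_leaks_into_exec(1));
    return 0;
}
```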


