Cygwin: fork: fix child process permissions, take 2

VirtualQueryEx, called by fixup_mmaps_after_fork, requires PROCESS_QUERY_INFORMATION permissions per MSDN. However, testing shows that PROCESS_QUERY_LIMITED_INFORMATION is sufficient when running the same code on Windows 8.1 or Windows 10. Fix the code to give the forked child always PROCESS_QUERY_INFORMATION perms on Windows Vista/7 and respective server releases. Revert now unneeded patch to check_token_membership as well. Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-30 12:18:03 +01:00 · 2019-01-30 12:18:03 +01:00 · ef8ce3077f
parent a52396bd07
commit ef8ce3077f
3 changed files with 8 additions and 17 deletions
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@ -17,7 +17,6 @@ details. */

 /* UID/GID */
 void uinfo_init ();
-bool check_token_membership (HANDLE, PSID);
 bool check_token_membership (PSID);

 #define ILLEGAL_UID ((uid_t)-1)
--- a/winsup/cygwin/sigproc.cc
+++ b/winsup/cygwin/sigproc.cc
@ -819,12 +819,10 @@ child_info::child_info (unsigned in_cb, child_info_types chtype,
  if (type == _CH_FORK)
    {
      perms |= PROCESS_DUP_HANDLE;
-      /* For some reason fork on Windows 7 requires PROCESS_QUERY_INFORMATION
-	 rather than just PROCESS_QUERY_LIMITED_INFORMATION when started as a
-	 service. */
-      if (wincap.needs_query_information ()
-	  && (cygheap->user.saved_sid () == well_known_system_sid
-	      || check_token_membership (hProcToken, well_known_service_sid)))
+      /* VirtualQueryEx is documented to require PROCESS_QUERY_INFORMATION.
+	 That's true for Windows 7, but PROCESS_QUERY_LIMITED_INFORMATION
+	 appears to be sufficient on Windows 8 and later. */
+      if (wincap.needs_query_information ())
 	perms |= PROCESS_QUERY_INFORMATION;
    }

--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@ -118,13 +118,16 @@ cygheap_user::init ()
   This needs careful checking should we use check_token_membership in other
   circumstances. */
 bool
-check_token_membership (HANDLE tok, PSID sid)
+check_token_membership (PSID sid)
 {
  NTSTATUS status;
  ULONG size;
  tmp_pathbuf tp;
  PTOKEN_GROUPS groups = (PTOKEN_GROUPS) tp.w_get ();

+  /* If impersonated, use impersonation token. */
+  HANDLE tok = cygheap->user.issetuid () ? cygheap->user.primary_token ()
+					 : hProcToken;
  status = NtQueryInformationToken (tok, TokenGroups, groups, 2 * NT_MAX_PATH,
 				    &size);
  if (!NT_SUCCESS (status))
@ -139,15 +142,6 @@ check_token_membership (HANDLE tok, PSID sid)
  return false;
 }

-bool
-check_token_membership (PSID sid)
-{
-  /* If impersonated, use impersonation token. */
-  HANDLE tok = cygheap->user.issetuid () ? cygheap->user.primary_token ()
-					 : hProcToken;
-  return check_token_membership (tok, sid);
-}
-
 static void
 internal_getlogin (cygheap_user &user)
 {