mirror of
git://sourceware.org/git/newlib-cygwin.git
synced 2025-01-19 04:49:25 +08:00
57640bee75
Commit 5a0f2c00aa "Cygwin: fork/exec: fix child process permissions" removed the PROCESS_DUP_HANDLE handle permission of the parent process handle in the child to avoid a security problem. It turned out that this broke the following scenario: If a process forks and then the parent execs, the child loses the ability to register the parent's death. To wit, after the parent died the child process does not set its own PPID to 1 anymore. The current exec mechanism copies required handle values (handles to keep contact to the child processes) into the child_info for the about-to-be-exec'ed process. The exec'ed process is supposed to duplicate these handles. This fails, given that we don't allow the exec'ed process PROCESS_DUP_HANDLE access to the exec'ing process since commit 5a0f2c00aa. The fix is to avoid the DuplicateHandle calls in the exec'ed process. This patch sets the affected handles to "inheritable" in the exec'ing process at exec time. The exec'ed process just copies the handle values and resets handle inheritance to "non-inheritable". The exec'ing process doesn't have to reset handle inheritance, it exits after setting up the exec'ed process anyway. Testcase: $ ssh-agent /bin/sleep 3 ssh-agent forks and the parent exec's sleep. After sleep exits, `ps' should show ssh-agent to have PPID 1, and eventually ssh-agent exits. Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Cygwin documentation is available on the net at https://cygwin.com You might especially be interested in https://cygwin.com/faq/faq.html#faq.programming.building-cygwin