This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [Patch]: Fixing the PROCESS_DUP_HANDLE security hole (part 1).


At 11:14 PM 9/29/2003 -0400, you wrote:
>On Mon, Sep 29, 2003 at 09:55:25PM -0400, Pierre A. Humblet wrote:
>>Here is a patch that allows to open master ttys without giving
>>full access to the process, at least for access to the ctty. 
>>
>>It works by snooping the ctty pipe handles and duplicating them
>>on the cygheap, for use by future opens in descendant processes.
>>
>>It passes all the tests I tried, but considering my lack of knowledge
>>about ttys, everything is possible.
>
>Does it pass doing an "echo > /dev/tty1" where /dev/tty1 is a tty in
>another command window?

Of course, but not (anymore) if the command is issued by a user that
has no access rights to /dev/tty1.

Pierre


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]