https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=4d738e0f62403c3f1b082abf927aab00056230c5
commit 4d738e0f62403c3f1b082abf927aab00056230c5 Author: Corinna Vinschen <[email protected]> Date: Tue Jan 29 20:37:00 2019 +0100 Cygwin: execve: reduce parent handle to non-inheritable SYNCHRONIZE Keeping an inheritable handle open results in that handle being spilled over into grandchild processes, which is not desired. Duplicate original parent handle into a non-inheritable one with minimal SYNCHRONIZE permissions and close the original handle. Signed-off-by: Corinna Vinschen <[email protected]> Diff: --- winsup/cygwin/dcrt0.cc | 30 +++++++++++++++++++++++------- winsup/cygwin/sigproc.cc | 3 ++- 2 files changed, 25 insertions(+), 8 deletions(-) diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc index 6b564dc..463df31 100644 --- a/winsup/cygwin/dcrt0.cc +++ b/winsup/cygwin/dcrt0.cc @@ -685,14 +685,30 @@ child_info_spawn::handle_spawn () ready (true); - /* Keep pointer to parent open if we've execed so that pid will not be reused. - Otherwise, we no longer need this handle so close it. - Need to do this after debug_fixup_after_fork_exec or DEBUGGING handling of - handles might get confused. */ - if (type != _CH_EXEC && child_proc_info->parent) + if (child_proc_info->parent) { - CloseHandle (child_proc_info->parent); - child_proc_info->parent = NULL; + if (type == _CH_EXEC) + { + /* Keep pointer to parent open if we've execed so that pid will not be + reused. Try to Urther reduce permissions. */ + HANDLE new_parent; + + if (DuplicateHandle (GetCurrentProcess (), child_proc_info->parent, + GetCurrentProcess (), &new_parent, + SYNCHRONIZE, FALSE, 0)) + { + CloseHandle (child_proc_info->parent); + child_proc_info->parent = new_parent; + } + } + else + { + /* Otherwise, we no longer need this handle so close it. Need to do + this after debug_fixup_after_fork_exec or DEBUGGING handling of + handles might get confused. */ + CloseHandle (child_proc_info->parent); + child_proc_info->parent = NULL; + } } signal_fixup_after_exec (); diff --git a/winsup/cygwin/sigproc.cc b/winsup/cygwin/sigproc.cc index 42eeb30..080fe58 100644 --- a/winsup/cygwin/sigproc.cc +++ b/winsup/cygwin/sigproc.cc @@ -814,7 +814,8 @@ child_info::child_info (unsigned in_cb, child_info_types chtype, allow the child to copy cygheap etc. from the parent to itself. If we're forking, we also need handle duplicate access. */ parent = NULL; - DWORD perms = PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ; + DWORD perms = PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ + | SYNCHRONIZE; if (type == _CH_FORK) { perms |= PROCESS_DUP_HANDLE;
