This is the mail archive of the cygwin-developers@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: security hole in tty handling code


Why not just set the permissions and let the client calls fail if they
aren't from the same user?

I've heard that
"server" based solutions like you've put toghether usually fail in
terminal server environments...

Rob

----- Original Message -----
From: "Egor Duda" <deo@logos-m.ru>
To: <cygwin-developers@cygwin.com>
Sent: Thursday, March 29, 2001 3:20 AM
Subject: security hole in tty handling code


> Hi!
>
>   currently process owning master side of pty removes all security
> protections from itself to allow children duplicate tty pipe handles.
> i was feeling a bit- uneasy knowing that any user can call
> OpenProcess() for inetd daemon running under LocalSystem account and
> WriteProcessMemory() to it.
>
>   so i've written a small program acting as server, which receives
> requests from cygwin process wanting to open slave side of tty, checks
> if client have needed permissions and duplicates pipe handles for it.
> patch sent to cygwin-patches.
>
>   i realize that it's rather substantial change in cygwin
> architecture, but i think it's essential one if we want to make cygwin
> in multi-user environment.
>
> comments?
>
> egor.            mailto:deo@logos-m.ru icq 5165414 fidonet
2:5020/496.19
>
>
>


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]