Cygwin: fork: restrict parent handle perms and drop handle after use

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

3 files changed, 7 insertions, 3 deletions

diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc
index af5eaaca7..cf2a08eb1 100644
--- a/winsup/cygwin/dcrt0.cc
+++ b/winsup/cygwin/dcrt0.cc
@@ -637,7 +637,8 @@ child_info_fork::handle_fork ()
 bool
 child_info_spawn::get_parent_handle ()
 {
-  parent = OpenProcess (PROCESS_VM_READ, false, parent_winpid);
+  parent = OpenProcess (PROCESS_QUERY_LIMITED_INFORMATION, FALSE,
+			parent_winpid);
   moreinfo->myself_pinfo = NULL;
   return !!parent;
 }
diff --git a/winsup/cygwin/fork.cc b/winsup/cygwin/fork.cc
index 6813446cf..d8c4ac459 100644
--- a/winsup/cygwin/fork.cc
+++ b/winsup/cygwin/fork.cc
@@ -203,6 +203,8 @@ frok::child (volatile char * volatile here)
      rd_proc_pipe that would be an invalid handle.  In the case of
      wr_proc_pipe it would be == my_wr_proc_pipe.  Both would be bad. */
   ch.rd_proc_pipe = ch.wr_proc_pipe = NULL;
+  CloseHandle (hParent);
+  hParent = NULL;
   cygwin_finished_initializing = true;
   return 0;
 }
diff --git a/winsup/cygwin/sigproc.cc b/winsup/cygwin/sigproc.cc
index 92fa5ea3d..45e948251 100644
--- a/winsup/cygwin/sigproc.cc
+++ b/winsup/cygwin/sigproc.cc
@@ -814,8 +814,9 @@ child_info::child_info (unsigned in_cb, child_info_types chtype,
      allow the child to duplicate handles from the parent to itself. */
   parent = NULL;
   if (!DuplicateHandle (GetCurrentProcess (), GetCurrentProcess (),
-			GetCurrentProcess (), &parent, 0, true,
-			DUPLICATE_SAME_ACCESS))
+			GetCurrentProcess (), &parent,
+			PROCESS_DUP_HANDLE | PROCESS_VM_READ
+			| PROCESS_QUERY_LIMITED_INFORMATION, TRUE, 0))
     system_printf ("couldn't create handle to myself for child, %E");
 }