Cygwin: execve: reduce parent handle to non-inheritable SYNCHRONIZE

Keeping an inheritable handle open results in that handle being spilled over into grandchild processes, which is not desired. Duplicate original parent handle into a non-inheritable one with minimal SYNCHRONIZE permissions and close the original handle. Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
author: Corinna Vinschen <corinna@vinschen.de> 2019-01-29 22:37:00 +0300
committer: Corinna Vinschen <corinna@vinschen.de> 2019-01-29 22:37:00 +0300
commit: 4d738e0f62403c3f1b082abf927aab00056230c5 (patch)
tree: 03720baec7164389183cce562ed268cd421edb28 /winsup/cygwin/sigproc.cc
parent: 5a0f2c00aa019de73a6077ca3017b594c43184a4 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/winsup/cygwin/sigproc.cc b/winsup/cygwin/sigproc.cc
index 42eeb304d..080fe58df 100644
--- a/winsup/cygwin/sigproc.cc
+++ b/winsup/cygwin/sigproc.cc
@@ -814,7 +814,8 @@ child_info::child_info (unsigned in_cb, child_info_types chtype,
      allow the child to copy cygheap etc. from the parent to itself.  If
      we're forking, we also need handle duplicate access. */
   parent = NULL;
-  DWORD perms = PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ;
+  DWORD perms = PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ
+		| SYNCHRONIZE;
   if (type == _CH_FORK)
     {
       perms |= PROCESS_DUP_HANDLE;
author	Corinna Vinschen <corinna@vinschen.de>	2019-01-29 22:37:00 +0300
committer	Corinna Vinschen <corinna@vinschen.de>	2019-01-29 22:37:00 +0300
commit	4d738e0f62403c3f1b082abf927aab00056230c5 (patch)
tree	03720baec7164389183cce562ed268cd421edb28 /winsup/cygwin/sigproc.cc
parent	5a0f2c00aa019de73a6077ca3017b594c43184a4 (diff)