Cygwin: fork/exec: fix child process permissions

- Exec'ed/spawned processes don't need PROCESS_DUP_HANDLE.  Remove that
  permission from the parent handle.

- PROCESS_QUERY_LIMITED_INFORMATION doesn't work for Windows 7 if the
  process is started as a service.  Add PROCESS_QUERY_INFORMATION for
  pre-Windows 8 in that case.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

1 files changed, 16 insertions, 4 deletions

diff --git a/winsup/cygwin/sigproc.cc b/winsup/cygwin/sigproc.cc
index 45e948251..42eeb304d 100644
--- a/winsup/cygwin/sigproc.cc
+++ b/winsup/cygwin/sigproc.cc
@@ -811,12 +811,24 @@ child_info::child_info (unsigned in_cb, child_info_types chtype,
     }
   sigproc_printf ("subproc_ready %p", subproc_ready);
   /* Create an inheritable handle to pass to the child process.  This will
-     allow the child to duplicate handles from the parent to itself. */
+     allow the child to copy cygheap etc. from the parent to itself.  If
+     we're forking, we also need handle duplicate access. */
   parent = NULL;
+  DWORD perms = PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ;
+  if (type == _CH_FORK)
+    {
+      perms |= PROCESS_DUP_HANDLE;
+      /* For some reason fork on Windows 7 requires PROCESS_QUERY_INFORMATION
+	 rather than just PROCESS_QUERY_LIMITED_INFORMATION when started as a
+	 service. */
+      if (wincap.needs_query_information ()
+	  && (cygheap->user.saved_sid () == well_known_system_sid
+	      || check_token_membership (hProcToken, well_known_service_sid)))
+	perms |= PROCESS_QUERY_INFORMATION;
+    }
+
   if (!DuplicateHandle (GetCurrentProcess (), GetCurrentProcess (),
-			GetCurrentProcess (), &parent,
-			PROCESS_DUP_HANDLE | PROCESS_VM_READ
-			| PROCESS_QUERY_LIMITED_INFORMATION, TRUE, 0))
+			GetCurrentProcess (), &parent, perms, TRUE, 0))
     system_printf ("couldn't create handle to myself for child, %E");
 }