Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-developers-owner AT cygwin DOT com Delivered-To: mailing list cygwin-developers AT cygwin DOT com Subject: Re: cygserver usage questions From: Robert Collins To: Conrad Scott Cc: cygwin-developers AT sources DOT redhat DOT com In-Reply-To: <00a901c268a8$d2b50bb0$6132bc3e@BABEL> References: <20020930151551 DOT GA11140 AT redhat DOT com> <00a901c268a8$d2b50bb0$6132bc3e AT BABEL> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-dtyrtpE7m5Hjyeqt/Af/" Date: 01 Oct 2002 07:46:59 +1000 Message-Id: <1033422420.11273.223.camel@lifelesswks> Mime-Version: 1.0 --=-dtyrtpE7m5Hjyeqt/Af/ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Tue, 2002-10-01 at 03:43, Conrad Scott wrote: > "Christopher Faylor" wrote: > > I notice that the code in cygserver creates some objects with > > the default security rather than using something like &sec_none_nih. > > Is that intentional? > > The security code in cygserver is much as I inherited it, except for > some bits that I've temporarily ripped out. My intention has been to > finish the whole System V IPC coding and then do the security as one > sweep afterwards (as most of the code will be common to all three > subsystems). The tty duplication code is as I found it too. (bar some refactoring to make it more generic). =20 > My impression about the existing security code is that a lot of stuff is > left wide open for the moment (i.e. for debugging purposes). For the > moment I'll fix the shared object creations to use the standard cygwin > approach as you suggest. MM, I don't recall at this point. A number of points apply here though: Cygserver doesn't fork(), so fork issues are not applicable. cygserver needs to hand some handles out, so it grabs full access to those handles, and masks out the rights other processes don't need. =20 Rob --=20 --- GPG key available at: http://users.bigpond.net.au/robertc/keys.txt. --- --=-dtyrtpE7m5Hjyeqt/Af/ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQA9mMZTI5+kQ8LJcoIRAsLSAJ9p+fRJrbbvC2k9xk2Lf6nWWmqUhgCfZteo Aqqw7ZDs7lsq5FoNqCbJLZ0= =rXMj -----END PGP SIGNATURE----- --=-dtyrtpE7m5Hjyeqt/Af/--