Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-developers-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin-developers AT sources DOT redhat DOT com
Message-ID: <012101c0c7fc$d5533520$0200a8c0@lifelesswks>
From: "Robert Collins" <robert DOT collins AT itdomain DOT com DOT au>
To: "egor duda" <cygwin-developers AT cygwin DOT com>
Cc: <cygwin-developers AT cygwin DOT com>
References: <EA18B9FA0FE4194AA2B4CDB91F73C0EF79C2 AT itdomain002 DOT itdomain DOT net DOT au> <20010418120530 DOT Q15962 AT cygbert DOT vinschen DOT de> <00a401c0c7f0$02bb1f30$0200a8c0 AT lifelesswks> <13327115627 DOT 20010418144700 AT logos-m DOT ru> <00ba01c0c7f6$530ac1b0$0200a8c0 AT lifelesswks> <123329292477 DOT 20010418152317 AT logos-m DOT ru>
Subject: Re: handle protection - please comment
Date: Wed, 18 Apr 2001 21:43:40 +1000
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
X-OriginalArrivalTime: 18 Apr 2001 11:36:22.0098 (UTC) FILETIME=[CAE33320:01C0C7FB]

----- Original Message -----
From: "egor duda" <deo AT logos-m DOT ru>
To: "Robert Collins" <robert DOT collins AT itdomain DOT com DOT au>
Cc: <cygwin-developers AT cygwin DOT com>
Sent: Wednesday, April 18, 2001 9:23 PM
Subject: Re: handle protection - please comment


> Hi!
>
> Wednesday, 18 April, 2001 Robert Collins
robert DOT collins AT itdomain DOT com DOT au wrote:
>
> RC> Place them in a a list in a shared memory area. That is
essentially what
> RC> kernels do. No process memory access is needed.
>
> They _are_ in shared memory area already. Passing handle value (via
> shared memory area or by other means) from process A to process B is
> _not_ enough to use it in process B. win32 handles _must_ be
> duplicated after they were passed from one process to another.

Doh!. I finally read up on DuplicateHandle and I think I grok the issue
now.

In my words: you cannot duplicate a handle from process A to B without
both process handles. And I assume that there are vulnerabilities in NT
related to having process handles irrespective of user privileges. (I
thought all you needed was access to the handle in shared memory + dup
access to the process that owns the object :[ ).

There is a third mechanism though: named objects. That's how I
implemented fifo's. (Named shared memory + named mutexs + named event
objects).

If the object doesn't have a path name per se, you can create
predictable names to allow others to open the object. Win9x will be an
issue with pipes though, unless we move to my fifo code :-/ (I'm not
suggesting that we do.)

Rob

> i know only 2 things in win32 api which allow using a handle from one
> process in another -- either inheritance or DuplicateHandle(). If you
> know some other way, it'd be nice to see the proof-of-concept code.
>
> Egor.            mailto:deo AT logos-m DOT ru ICQ 5165414 FidoNet
2:5020/496.19
>
>
>