Cygwin: execve: reduce parent handle to non-inheritable SYNCHRONIZE

Keeping an inheritable handle open results in that handle being
spilled over into grandchild processes, which is not desired.
Duplicate original parent handle into a non-inheritable one with
minimal SYNCHRONIZE permissions and close the original handle.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

1 files changed, 23 insertions, 7 deletions

diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc
index 6b564dc..463df31 100644
--- a/winsup/cygwin/dcrt0.cc
+++ b/winsup/cygwin/dcrt0.cc
@@ -685,14 +685,30 @@ child_info_spawn::handle_spawn ()
 
   ready (true);
 
-  /* Keep pointer to parent open if we've execed so that pid will not be reused.
-     Otherwise, we no longer need this handle so close it.
-     Need to do this after debug_fixup_after_fork_exec or DEBUGGING handling of
-     handles might get confused. */
-  if (type != _CH_EXEC && child_proc_info->parent)
+  if (child_proc_info->parent)
     {
-      CloseHandle (child_proc_info->parent);
-      child_proc_info->parent = NULL;
+      if (type == _CH_EXEC)
+	{
+	  /* Keep pointer to parent open if we've execed so that pid will not be
+	     reused.  Try to Urther reduce permissions. */
+	  HANDLE new_parent;
+
+	  if (DuplicateHandle (GetCurrentProcess (), child_proc_info->parent,
+			       GetCurrentProcess (), &new_parent,
+			       SYNCHRONIZE, FALSE, 0))
+	    {
+	      CloseHandle (child_proc_info->parent);
+	      child_proc_info->parent = new_parent;
+	    }
+	}
+      else
+	{
+	  /* Otherwise, we no longer need this handle so close it.  Need to do
+	     this after debug_fixup_after_fork_exec or DEBUGGING handling of
+	     handles might get confused. */
+	  CloseHandle (child_proc_info->parent);
+	  child_proc_info->parent = NULL;
+	}
     }
 
   signal_fixup_after_exec ();