You are a *God*, Pierre. ;-) -- Gary R. Van Sickle Brewer. Patriot.
> Cygwin uses a "delete queue" in a shared file mapping to hold > the names of files that could not be deleted on unlink, usually > because they were still opened. The queue is scanned by all > processes so that the files eventually get deleted after they > are closed. > > Because Everyone has write access to the file mapping, any user > can add names to the delete queue, and thus any user can trick > other processes into deleting any and all files on a PC where a cygwin > daemon is running as SYSTEM. > > The solution is simple: create per user delete queues. They are > placed in the same mapping as the mount table. So the change > is extremely straightforward. The length of the change log comes > from renaming many variable to have names reflect functions. > > There will be a follow up patch with the following cleanup: > remove now unneeded fields from the mount_info and shared_info and > run the "magic" on the new/modified structures. > > Pierre > > > 2003-09-15 Pierre Humblet <[EMAIL PROTECTED]> > > * shared_info.h (class user_info): New. > (cygwin_user_h): New. > (user_shared): New. > (enum shared_locations): Replace SH_MOUNT_TABLE by SH_USER_SHARED; > (mount_table): Change from variable to macro. > * shared.cc: Use sizeof(user_info) in "offsets". > (user_shared_initialize): Add "reinit" argument to indicate need > to reinitialize the mapping. Replace "mount_table" by "user_shared" > throughout. Call user_shared->mountinfo.init and > user_shared->delqueue.init. > (shared_info::initialize): Do not call delqueue.init. > (memory_init): Add argument to user_shared_initialize. > * child_info.h (child_info::mount_h): Delete. > (child_info::user_h): New. > * sigpproc.cc (init_child_info): Use user_h instead of mount_h. > * dcrt0.cc (_dll_crt0): Ditto. > * fhandler_disk_file.cc (fhandler_disk_file::close): Use > user_shared->delqueue instead of cygwin_shared->delqueue. > * fhandler_virtual.cc (fhandler_virtual::close): Ditto. > * syscalls.cc (close_all_files): Ditto. > (unlink): Ditto. > (seteuid32): Add argument to user_shared_initialize. >
