On Thu, Nov 11, 2004 at 10:48:57PM -0500, Pierre A. Humblet wrote: >Now that 1.5.12 is out, here is a patch to fix the PROCESS_DUP_HANDLE >security hole. It uses a new approach to reparenting: the parent >duplicates the exec'ed process handle when signaled by the child.
Can you refresh my memory (a URL is fine) on "the PROCESS_DUP_HANDLE security hole"? I'm not 100% certain but I think if you cast back into the dim recesses of cygwin's past, you might find that this is the way things used to be done, to some degree. cgf