From: Jon Bright
Subject: Re: [Monotone-devel] Re: bug report ver 0.16, on windows
Date: Tue, 22 Feb 2005 20:49:34 +0100
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

graydon hoare wrote:
> Jon Bright wrote:
>> Where are fork() and wait() being used? Should I maybe look at adding a forkandexec() call (which is supported everywhere), since Windows has no fork()? wait() could then be used with the result of that...
>
> perhaps. we will need help with this, because it's used to implement the execution of mergers and editors from lua. see "execute" in std_hooks.lua. we used to call system(...), but this of course permitted shell attacks by mangling shell scripts into filenames. joy. so now we use fork+exec. something similar -- so long as it doesn't call shell -- would be fine by me.

My basic idea would be to implement using CreateProcess() on Windows, and just call down to fork/exec on Unix-like systems. I don't *think* calling CreateProcess() is abusable (other than maybe by getting a trojan before the intended .exe in the PATH, but if the attacker can do this, you've got bigger problems).
I haven't worked together the promised patch yet because I've become sidetracked with doing a VC++ port (which is going moderately well, but will need a bit of discussion here, probably). I'll try and get to the patch tomorrow and I'll then do an implementation of forkandexec() to see if it meets with approval.
--
Jon Bright
Silicon Circus Ltd.
http://www.siliconcircus.com
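
The difference between system(...) and fork+exec discussed in this message, as an added example that is not part of the original post and is not monotone's code. The names run_argv, run_shell and demo are hypothetical, `cat` stands in for a merger or editor, and the file name is a constructed sample containing shell syntax.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/wait.h>

/* fork+exec: argv goes to the program as-is, no shell parses it. */
int run_argv(char *const argv[]) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);                     /* exec itself failed */
    }
    int st;
    if (waitpid(pid, &st, 0) < 0) return -1;
    return WIFEXITED(st) ? WEXITSTATUS(st) : -1;
}

/* Old pattern, for contrast: the name is pasted into a line that /bin/sh parses. */
int run_shell(const char *tool, const char *name) {
    char cmd[512];
    snprintf(cmd, sizeof cmd, "%s %s", tool, name);
    int st = system(cmd);
    return (st != -1 && WIFEXITED(st)) ? WEXITSTATUS(st) : -1;
}

/* Constructed sample: an empty file named "x; exit 7". Returns 0 if the demo ran. */
int demo(int *argv_status, int *shell_status) {
    char dir[] = "/tmp/argvdemoXXXXXX", path[128];
    if (!mkdtemp(dir)) return -1;
    snprintf(path, sizeof path, "%s/x; exit 7", dir);
    FILE *f = fopen(path, "w");
    if (!f) { rmdir(dir); return -1; }
    fclose(f);
    char *args[] = { "cat", path, NULL };
    *argv_status = run_argv(args);          /* cat opens the literal name */
    *shell_status = run_shell("cat", path); /* sh splits at ';' and runs "exit 7" */
    unlink(path);
    rmdir(dir);
    return 0;
}

int main(void) {
    int a, s;
    if (demo(&a, &s) != 0) return 1;
    printf("fork+exec status: %d, system() status: %d\n", a, s);
    return 0;
}
```

With fork+exec the whole name reaches `cat` as one argument, so the status is that of reading the file; with system() the part after the semicolon is executed as a second shell command and determines the status.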