Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
os: windows processes started with foreign token inherit the wrong environment [CVE-2019-11888] [1.12 backport] #32081
Done. I hope we didn't confuse him too much. Well, the backport issue here is correctly labelled and it's in the right milestone, so it should be fine. Let's keep an eye on this issue in any case.
…ndows processes This is CVE-2019-11888. Previously, passing a nil environment but a non-nil token would result in the new potentially unprivileged process inheriting the parent potentially privileged environment, or would result in the new potentially privileged process inheriting the parent potentially unprivileged environment. Either way, it's bad. In the former case, it's an infoleak. In the latter case, it's a possible EoP, since things like PATH could be overwritten. Not specifying an environment currently means, "use the existing environment". This commit amends the behavior to be, "use the existing environment of the token the process is being created for." The behavior therefore stays the same when creating processes without specifying a token. And it does the correct thing when creating processes when specifying a token. Updates #32000 Fixes #32081 Change-Id: Ib4a90cfffb6ba866c855f66f1313372fdd34ce41 Reviewed-on: https://go-review.googlesource.com/c/go/+/177538 Run-TryBot: Jason Donenfeld <Jason@zx2c4.com> TryBot-Result: Gobot Gobot <email@example.com> Reviewed-by: Ian Lance Taylor <firstname.lastname@example.org>