This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: security and cygwin


On Mon, 20 Sep 2004, Koskie, Sarah wrote:

> <snip>
> > >Are there any other security related issues I should know about?  I
> > >have to assume that cygwin as installed is safe until I have time to
> > >look into it, so I am hoping that my faith is not misplaced.
> >
> > Strange that you should ask this question now, since you admit to
> > using Cygwin prior to all this and apparently this wasn't a concern
> > then. No matter.  See the FAQ entry:
> >
> > How secure is Cygwin in a multi-user environment?
> > <http://cygwin.com/faq/faq_toc.html#TOC78>
>
> Thanks, but that does not answer my question.  I do not know what
> daemons are running.  I did not start any.  I assume some are started in
> the installation process but I don't know how to find out which they
> are.

setup.exe does not, currently, start (or even install) any daemons.  Any
daemon setup is usually done by the corresponding *-config script.  Unless
someone writes a postinstall script that will install a daemon (unlikely,
and should be considered a packaging bug), you should explicitly add any
daemons before they are started.

> I just searched the FAQs for any other mention of "daemon" and
> found none.  I have also checked the User's guide but it does not seem
> to contain any relevant info that I can see.

The Windows equivalent of "daemons" is "services".  Does that help?

> There should never be any users logged in remotely to my cygwin and if
> there is something I have to do to enforce that, that's part of what I
> want to know.

Unless you've added some services, there will be no remote users logged in
via Cygwin programs.

> I should also be the only one using sftp, ssh, etc. With the previous
> version of cygwin, I was able to sftp and ssh from cygwin to other
> machines but not from other machines to my desktop computer.  I hope
> that is still the case.

It should be.

> I'll check it eventually, but as mentioned, I have a
> more-than-full time job as other than an UNIX programmer or system
> administrator and I cannot just stop and spend a month setting up
> cygwin.  In the past I didn't have to.  The lack of relevant
> documentation and the complexity of the current setup and install
> process are extremely frustrating.

It would help more if you described the exact stumbling blocks and things
you didn't find in the docs and had to search for, or even provided
patches to the appropriate parts of the documentation.
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Happiness lies in being privileged to work hard for long hours in doing
whatever you think is worth doing."  -- Dr. Jubal Harshaw

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]