This is the mail archive of the
mailing list for the Cygwin project.
Re: Silly question about OpenSSH and Cygwin
- To: joshua dot newton at dfs dot com
- Subject: Re: Silly question about OpenSSH and Cygwin
- From: egor duda <deo at logos-m dot ru>
- Date: Wed, 8 Aug 2001 19:07:43 +0400
- CC: cygwin at cygwin dot com
- Organization: deo
- References: <88256AA2.firstname.lastname@example.org>
- Reply-To: egor duda <cygwin at cygwin dot com>
Wednesday, 08 August, 2001 email@example.com firstname.lastname@example.org wrote:
jndc> I'm going to cross my fingers and hope this question hasn't been asked before.
jndc> Is Cygwin still inherently insecure on a multiuser system, or is this a FAQ
jndc> entry that hasn't been revised in a while?
yes. it's still insecure. i don't know any ways to exploit cygwin
remotely, but doing so locally is rather easy. see thread
if you want details.
making cygwin secure requires architectural changes and adding special
"cygwin daemon" which will take care of inter-process security stuff.
there's a prototype of such daemon posted in
i have to admit it's a bit "unpractical", i.e. its interface is not
very flexible. it works for me for several months now, though.
and i should stress out that it's _only_one_ of known security holes
jndc> If it's still correct, is there any way to lock it down, or
jndc> protect Cygwin from non-admin users? The new system I was
jndc> prototyping relies on sshd running on all the workstations. I
jndc> see lots of other folks using OpenSSH on Cygwin for a variety of
jndc> things, so I'm going to guess that I missed something.
they probably don't care much ( not being paranoid :) ), or they can
trust users that logon locally on machines with sshd.
jndc> But -- we're working in a reasonably security-conscious environment, and the
jndc> last thing I want to do is explain myself to an audit team when
jndc> they find out I deployed new code that's hackable by anyone
jndc> logged into the workstations locally.
then you can help us with audit of cygwin's security! :) i believe any
potential security hole in cygwin should and _can_ be fixed, but
1) we must know about this particular hole.
2) it may take time and certain amount of efforts to fix it.
Egor. mailto:email@example.com ICQ 5165414 FidoNet 2:5020/496.19
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html