This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Security Issue with Cygwin


Lambeth Darwin wrote:
> To whom it may concern;
>
> Not sure if you know this or not, but the default configuration with
> Cygwin allows any user to change to any directory on a W2K box and
> delete whatever files they want. I have installed it with the current
> default instructions and was able to logon as a regular domain user
> and cd to c: and delete or add files. That is a major issue. Let me
> know if there is something I missed.

Sounds like C: has excessively relaxed permissions, and you coincidentally
noticed after you had installed Cygwin.

You should be able to exactly the same from a cmd.exe shell.


Max.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]