This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: security and cygwin

On Tue, 21 Sep 2004, Koskie, Sarah wrote:

> Actually, Reini, I didn't say that I didn't know what a daemon was, I
> said that I didn't know how to find out which ones were running (without
> additional research, which, has thus far been fruitless).  If I type ps
> -fA on my linux box at home, I get a list of all the running processes,
> even when I am not logged in as root.  When I type ps -fA in cygwin, I
> do not get a complete list -- just my shell and the ps command.

Not true.  Cygwin's "ps" doesn't even understand the "-A" flag.  Did you
mean the "-a" flag (lowercase, same as "-e")?  That should show all the
processes that run with the same Cygwin1.dll as the "ps" program (which
should be all Cygwin processes for most people).  If you don't see any
processes owned by SYSTEM, you're not running any daemons.  If you want to
see Windows processes as well, use the "-W" (uppercase) flag.

> Of course this brings up the question of who, exactly is root under
> cygwin, but a check of /etc/passwd seems to indicate that there isn't
> one.  I gather that if SYSTEM or Administrators wanted to take on the
> role, they'd be able to do it.

Any user is able to see all of the Cygwin processes, independent of which
user they run as.

> As far as I can see from what you wrote, the real issue is that windows
> is unsafe.  I don't use Explorer, and if there is an intruder on my
> machine, I already have a problem, independent of what they can do using
> cygwin services.  The question is whether someone can use cygwin to
> intrude.

Cygwin services (daemons) are usually as safe as the equivalent versions
of their Linux counterparts.  If you're interested, see advisory sites for
known vulnerabilities.  Cygwin maintainers are usually very good at
keeping up-to-date with the vulnerability patches for most services
(apache notwithstanding).

> I guess I don't see why anyone would install cygwin rather than linux
> unless they were stuck in a networked windows environment as I am, so I
> would assume that it would be designed to work reasonably in such an
> environment.  Only I and computer services have accounts on the machine.
> I have to trust computer services, and if they screw up, they can't
> blame me, so the only issue here is what I personally have to do to make
> sure I do not introduce extra security risks into the system.  (Wish the
> documentation addressed XP Pro rather than just NT.)

There shouldn't be much difference between XP Pro and NT in terms of the
Windows security interface that Cygwin uses.  Hope this answers your

> > -----Original Message-----
> > From: Reini Urban [mailto:rurban<at>x-ray<dot>at]

Oh, and <>.  Thanks.
      |\      _,,,---,,_
ZZZzz /,`.-'`'    -.  ;-;;,_
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Happiness lies in being privileged to work hard for long hours in doing
whatever you think is worth doing."  -- Dr. Jubal Harshaw

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]