This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: BLODA detection code in latest snapshot
- From: David Rothenberger <daveroth at acm dot org>
- To: cygwin at cygwin dot com
- Date: Mon, 27 Feb 2012 18:53:41 -0800
- Subject: Re: BLODA detection code in latest snapshot
- References: <20120227122614.GB31025@calimero.vinschen.de>
- Reply-to: cygwin at cygwin dot com
On 2/27/2012 4:26 AM, Corinna Vinschen wrote:
> Of course this is not foolproof. The only filtered system DLLs so
> far are kernel32.dll, ntdll.dll, mswsock.dll, amd ws2_32.dll. If you
> playing around with this, and if you find that a core system DLL is
> reported (like, say, advapi32.dll), then please notify this list, too.
On one of my Windows XP 32 boxes, it is reporting
Potential BLODA detected! Thread function called outside of Cygwin DLL:
C:\WINDOWS\system32\advapi32.dll
when I ssh to another host. The machine DOES have potential BLODA,
though: Symantec Endpoint Protection. It's never caused me any problems.
You did say above to report to the list if advapi32.dll is reported, and
you didn't say not to report it if there is helpful anti-workright
software on the machine, so, here's your report. Forgive me if I
misunderstood.
--
David Rothenberger ---- daveroth@acm.org
Small things make base men proud.
-- William Shakespeare, "Henry VI"
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple