Thread-safeness in cygwin32

Geoffrey Noer noer@cygnus.com
Sun Nov 23 19:50:00 GMT 1997


> Can one process corrupt another
> through the common use of cygwin.dll or otherwise?

Yes.  Needless to say, this is highly undesirable.

I'll repeat something from the list that will be included in the
b19 FAQ:

Cygwin32 is not secure in a multi-user environment.  For
example if you have a long running daemon such as "inetd"
running as admin while ordinary users are logged in, or if
you have a user logged in remotely while another user is logged
into the console.  One cygwin client can trick another into
running code for it.  In this way one user may gain the
priveledge of another cygwin program running on the machine.
This is because cygwin has shared state that is accessible by
all processes.

(thanks to Tim Newsham (newsham@@lava.net) for this explanation)

-- 
Geoffrey Noer
noer@cygnus.com
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".



More information about the Cygwin mailing list