delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/1997/12/04/22:51:14

From: anthonm AT tams DOT com DOT au (Michael Anthon)
Subject: RE: Feedback needed on proposed cygwin feature
4 Dec 1997 22:51:14 -0800 :
Message-ID: <3120D53DC9D5D011A59A00C0F016383303A323.cygnus.gnu-win32@server1>
Mime-Version: 1.0
To: gnu-win32 AT cygnus DOT com 

On Thursday, 4 December 1997 12:31, cgf AT bbc DOT com [SMTP:cgf AT bbc DOT com]
wrote:
> In article <34856623 DOT C5226DBC AT twinspot DOT net>,
> Tomas Fasth  <tomas DOT fasth AT twinspot DOT net> wrote:
> >Modifying the exe file "on-the-fly" for environmental settings is not
to
> >recommend. Two of the reasons I can think of is:
> >
> >* Security considerations in a multiuser / multiprocess environment.
> 
> What security considerations are there that are not also present with
> any other scheme, whether it is using extended attributes or setting
options
> in the registry?  You would have to have the right privileges to
change
> the binary.

Modification of binary files in a multi-user environment is not a good
thing.  The registry is there, you may as well use it.  Something I have
not yet seen mentioned is the fact that each user can have a separate
profile in the registry, making it easy for each user to have different
settings.  Modifying the binary might get just a little frustrating if
someone else keeps changing it to the way THEY like things (unless you
want to fill your hdd with multiple copies of executables)
Also, for a user to be able to modify a binary, they would need write
access to that binary.  I suspect this would cause nightmares for sys
admins, not to mention the possibility of adding back doors directly
into the binaries themselves.  I bet a normal user can't modify any of
the shell binaries in a standard Unix setup.

> 
> >* Will cause problem in environments with active virus protection.
> 
> How does a virus detection program detect the difference between
installing
> a new version of bash or changing a byte in the existing file?

SOME virus protection schemes are now including a mechansim whereby any
changes to an executable file will raise a warning.  Norman Anitvirus is
one in particular that I have used that does this.  It's a bit of a pain
if you forget to disable that feature before installing any new
software.  If that installation tries to upgrade, for example, a dll
file, as most of them seem to do these days, the Virus detection kicks
in and gives you a warning.

The same thing would apply to modification of the executables as
suggested here.


-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request AT cygnus DOT com" with one line of text: "help".

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019