Mail Archives: cygwin/2001/05/21/19:46:10

Subject: RE: The security of OpenSSH with cygwin.
Date: Tue, 22 May 2001 09:35:22 +1000
Message-ID: <EA18B9FA0FE4194AA2B4CDB91F73C0EF08EFED@itdomain002.itdomain.net.au>
From: "Robert Collins" <robert DOT collins AT itdomain DOT com DOT au>
To: <joetesta AT hushmail DOT com>, <cygwin AT cygwin DOT com>

Egor Duda has spent some time researching security aspects of cygwin
(and patching as he goes). So he's a more authoritative source.

I know of at least one showstopper: It's currently possible for any
cygwin process to get a win32 handle with full access rights to any
other cygwin process. See the archives of the developer list for more
detail. (search on daemon - Egor has proposed a daemon to resolve the
issue).

Rob

> -----Original Message-----
> From: joetesta AT hushmail DOT com [mailto:joetesta AT hushmail DOT com]
> Sent: Tuesday, May 22, 2001 1:10 PM
> To: bugtraq AT securityfocus DOT com; cygwin AT cygwin DOT com
> Subject: The security of OpenSSH with cygwin.
> 
> 
> ----- Begin Hush Signed Message from joetesta AT hushmail DOT com -----
> 
> Hi --
> 
>     I am about to undertake a project using OpenSSH with cygwin
> (http://www.cygwin.com/).  Before doing so, I would like to ask if there
> is anyone who has done any security research on this combination already.
>     I have never seen any advisories on the BUGTRAQ mailing list, and this
> makes me a little uneasy (generally, I don't trust software that hasn't
> had at least one security fix in its history, unless I am its author =]).
> I have been trained enough to realize that complexity is security's enemy,
> and using the cygwin library to wrap the UNIX API with the Windows API
> definitely makes things more complex.
>     So, I'd like to know how many people have *at least tried* to find
> holes in an OpenSSH-cygwin combo.  I think I would feel a little better
> if I know that an honest attempt was made.  Thanks in advance.
> 
> 
>     - Joe Testa
> 
> e-mail:   joetesta AT hushmail DOT com
> web page: http://hogs.rit.edu/~joet
> AIM:      LordSpankatron
> 
> 
> 
> This message has been signed with a Hush Digital Signature. 
> To verify the signature, please go to www.hush.com/tools
> 
> 
> 
