Mail Archives: cygwin/2001/07/10/12:07:36

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2001/07/10/12:07:36

Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT sources DOT redhat DOT com>

List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT sources DOT redhat DOT com

Delivered-To: mailing list cygwin AT sources DOT redhat DOT com

Date: Tue, 10 Jul 2001 18:07:15 +0200

From: Corinna Vinschen <cygwin AT cygwin DOT com>

To: cygwin <cygwin AT cygwin DOT com>

Subject: Re: inetd security issues

Message-ID: <20010710180715.U8578@cygbert.vinschen.de>

Mail-Followup-To: cygwin <cygwin AT cygwin DOT com>

References: <5 DOT 0 DOT 2 DOT 1 DOT 0 DOT 20010710214050 DOT 00ad6308 AT mail DOT sprintsoft DOT com> <20010710172216 DOT S8578 AT cygbert DOT vinschen DOT de> <13097881035 DOT 20010710192940 AT logos-m DOT ru>

Mime-Version: 1.0

User-Agent: Mutt/1.2.5i

In-Reply-To: <13097881035.20010710192940@logos-m.ru>; from deo@logos-m.ru on Tue, Jul 10, 2001 at 07:29:40PM +0400

On Tue, Jul 10, 2001 at 07:29:40PM +0400, egor duda wrote:
> Hi!
> 
> Tuesday, 10 July, 2001 Corinna Vinschen cygwin AT cygwin DOT com wrote:
> 
> CV> Using Cygwin is not secure at all. If you or your admin has
> CV> honest security concerns don't open up the system by providing
> CV> services via inetd
> 
> actually, i'm not aware of any _remotely_ exploitable holes in cygwin
> inetutils. do anybody?

One wide open security hole is already the usage of rlogin and telnet
as administrator due to the transmission of unencrypted passwords.
That's not exactly what you're talking of but it's the most obvious
and the most ignored fact.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT sources DOT redhat DOT com>
List-Help:	<mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT sources DOT redhat DOT com
Delivered-To:	mailing list cygwin AT sources DOT redhat DOT com
Date:	Tue, 10 Jul 2001 18:07:15 +0200
From:	Corinna Vinschen <cygwin AT cygwin DOT com>
To:	cygwin <cygwin AT cygwin DOT com>
Subject:	Re: inetd security issues
Message-ID:	<20010710180715.U8578@cygbert.vinschen.de>
Mail-Followup-To:	cygwin <cygwin AT cygwin DOT com>
References:	<5 DOT 0 DOT 2 DOT 1 DOT 0 DOT 20010710214050 DOT 00ad6308 AT mail DOT sprintsoft DOT com> <20010710172216 DOT S8578 AT cygbert DOT vinschen DOT de> <13097881035 DOT 20010710192940 AT logos-m DOT ru>
Mime-Version:	1.0
User-Agent:	Mutt/1.2.5i
In-Reply-To:	<13097881035.20010710192940@logos-m.ru>; from deo@logos-m.ru on Tue, Jul 10, 2001 at 07:29:40PM +0400