Mail Archives: cygwin/2002/04/24/16:57:57

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2002/04/24/16:57:57

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

From: Sam Edge <sam_edgeZZZ AT hotmail DOT com>

To: cygwin AT cygwin DOT com

Subject: Re: Getting Cygwin into a corporation..

Date: Wed, 24 Apr 2002 20:45:33 +0100

Organization: .

Message-ID: <4i0ecugmqo9ird7r0surb8jmce5af49esj@4ax.com>

References: <01fd01c1ebba$23197580$0d76aec7 AT D4LHBR01>

In-Reply-To: <01fd01c1ebba$23197580$0d76aec7@D4LHBR01>

MIME-Version: 1.0

X-Posting-Agent: Hamster/1.3.23.4

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id g3OKvs728912

You wrote in <01fd01c1ebba$23197580$0d76aec7 AT D4LHBR01>
in gmane.os.cygwin on Wed, 24 Apr 2002 11:01:56 -0700:

> In the company I work for they have outlawed all Unix
> variants (Linux, Solaris, OSX) from certain networks. I
> asked why Cygwin could not be installed and here is
> some of the response I got back:
> > Cygwin, in itself, is typically a harmless application.  
> > However, once installed, it does allow a user to invalidate 
> > the NT Security architecture; a user can then install cygwin 
> > ports without the NT administrators consent (including, of 
> > course, the cygwin DHCP port).
> How should I respond to this?

Cygwin1.dll and Cygwin applications makes calls to the OS API via
kernel32.dll and the other system DLLs just like any other Windows
application does. There's nothing they can do when run via a specific
user account that any other Windows program couldn't do running from
that same account.

The shared memory used by cygwin1.dll is not protected so a malicious
or buggy process in one context could crash a Cygwin process running
in another by corrupting this data. But if you avoid installing any
Cygwin programs as NT services then they'll all be running
interactively in the context of the current user so they can't do
anything that can't be done anyway.

-- 
Sam Edge

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
From:	Sam Edge <sam_edgeZZZ AT hotmail DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: Getting Cygwin into a corporation..
Date:	Wed, 24 Apr 2002 20:45:33 +0100
Organization:	.
Message-ID:	<4i0ecugmqo9ird7r0surb8jmce5af49esj@4ax.com>
References:	<01fd01c1ebba$23197580$0d76aec7 AT D4LHBR01>
In-Reply-To:	<01fd01c1ebba$23197580$0d76aec7@D4LHBR01>
MIME-Version:	1.0
X-Posting-Agent:	Hamster/1.3.23.4
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id g3OKvs728912