| delorie.com/archives/browse.cgi | search |
On Thu, Sep 20, 2007 at 03:08:55AM -0600, Warren Young wrote: >Will Parsons wrote: >>why would cygwin be less secure? > >The more moving parts, the more things there are to break. > >Postulate that you have a program that's been audited to the point that >you're absolutely certain it's 100% secure when run on Linux. > >Then you port it to Cygwin. Is it secure? The answer cannot be "Yes" >until you have also audited Cygwin itself to the same level of >assurance. > >Just one way it could fail is if there is a buffer overflow in the >implementation of one of Cygwin's interfaces, and your "100% secure" >program calls it. It's then only a matter of time for a skilled hacker >to turn that buffer overflow into an arbitrary code execution >vulnerability. At minimum, the hacker will then have the privileges of >the program. Once the hacker has local access, chances are good that >he can parlay that into a privilege escalation attack, and it's Game >Over for you. > >Security is hard. I don't think I've given out a gold star for a clear explanation in a long time but can we get one over here? cgf -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |