X-Recipient: archive-cygwin@delorie.com
X-Spam-Check-By: sourceware.org
Date: Thu, 20 Sep 2007 10:59:56 -0400
From: Christopher Faylor <cgf-use-the-mailinglist-please@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: Is there someone offering cygwin paid support?
Message-ID: <20070920145956.GA743@trixie.casa.cgf.cx>
Reply-To: cygwin@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
References: <e2712e1d0709140741n37326b85x8e9ef9a573f77a79@mail.gmail.com> <2D9E96311DCA4C48BF185EA6928BC7BB026A1822@asc-mail.int.ascribe.com> <e2712e1d0709170939m61231a41k665ba93e151495bd@mail.gmail.com> <fcmgrl$m5s$1@sea.gmane.org> <e2712e1d0709171249l856e9b1wd20369091011e723@mail.gmail.com> <fcn658$vkl$1@sea.gmane.org> <20070918155829.1648@blackhawk> <20070918151831.GA27067@trixie.casa.cgf.cx> <slrnff0nrp.og.oudeis@isis.thalatta.eme> <46F238A7.9090807@etr-usa.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <46F238A7.9090807@etr-usa.com>
User-Agent: Mutt/1.5.16 (2007-06-09)
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie.com@cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

On Thu, Sep 20, 2007 at 03:08:55AM -0600, Warren Young wrote:
>Will Parsons wrote:
>>why would cygwin be less secure?
>
>The more moving parts, the more things there are to break.
>
>Postulate that you have a program that's been audited to the point that
>you're absolutely certain it's 100% secure when run on Linux.
>
>Then you port it to Cygwin.  Is it secure?  The answer cannot be "Yes"
>until you have also audited Cygwin itself to the same level of
>assurance.
>
>Just one way it could fail is if there is a buffer overflow in the
>implementation of one of Cygwin's interfaces, and your "100% secure"
>program calls it.  It's then only a matter of time for a skilled hacker
>to turn that buffer overflow into an arbitrary code execution
>vulnerability.  At minimum, the hacker will then have the privileges of
>the program.  Once the hacker has local access, chances are good that
>he can parlay that into a privilege escalation attack, and it's Game
>Over for you.
>
>Security is hard.

I don't think I've given out a gold star for a clear explanation in a
long time but can we get one over here?

cgf

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/