Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
From: joetesta AT hushmail DOT com
To: cygwin AT cygwin DOT com, bugtraq AT securityfocus DOT com
Subject: Re: The security of OpenSSH with cygwin.
Date: Mon, 21 May 2001 21:05:09 -0800 (PDT)
Message-Id: <200105220130.SAA08611@user7.hushmail.com>

Christopher Faylor wrote:

> On Tue, May 22, 2001 at 09:35:22AM +1000, Robert Collins wrote:
>
> >I know of at least one showstopper: It's currently possible for any
> >cygwin process to get a win32 handle with full access rights to any
> >other cygwin process. See the archives of the developer list for more
> >detail. (search on daemon - Egor has proposed a daemon to resolve the
> >issue).
>
> Right. I cannot emphasize strongly enough that Cygwin is NOT A SECURE
> ENVIRONMENT. Do NOT trust it with sensitive data. It is trivially
> easy to hack.
>
> cgf

My Windows programming days ended a while ago, so pardon me if this is incorrect or doesn't make sense. Under Windows 9x and Millennium, there is no (respectable) security model, so if someone was in the position to get one cygwin process to read and write to another, wouldn't they already be in the position to do something easier, like... run a keylogger to capture the password? It seems to me that in these operating systems, cygwin's process insecurity is a moot issue. Now this brings me to another question: what does this mean in Windows NT/2000?
I have no experience with these operating systems, but here's what I dare to assume: the security model would disallow this inter-process mingling. Are there any other issues, proven or otherwise, that anyone is aware of?

- Joe Testa
e-mail: joetesta AT hushmail DOT com
web page: http://hogs.rit.edu/~joet
AIM: LordSpankatron