Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Wed, 5 Dec 2001 11:48:01 +0300
From: egor duda <deo AT logos-m DOT ru>
X-Mailer: The Bat! (v1.53 RC/4)
Reply-To: egor duda <cygwin AT cygwin DOT com>
Organization: deo
X-Priority: 3 (Normal)
Message-ID: <792981176.20011205114801@logos-m.ru>
To: Seth Delackner <seth AT jtan DOT com>
CC: cygwin AT cygwin DOT com
Subject: Re: Safety of ssh-agent re: fake unix sockets?
In-Reply-To: <20011204223757.A17439@io.jtan.com>
References: <20011204223757 DOT A17439 AT io DOT jtan DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi!

Wednesday, 05 December, 2001 Seth Delackner seth AT jtan DOT com wrote:

SD> Way back in January, in message
SD> http://www.cygwin.com/ml/cygwin/2001-01/msg00063.html

SD> I think Egor Duda, but perhaps David Peterson wrote
SD> that the socket implementation in cygwin allowed an
SD> attacker to simply send an RSA auth request to a
SD> specific port on your machine and presto, he would
SD> receive your private key.

first, the message you've referenced is a bit incorrect: AF_UNIX
sockets in cygwin can be connected from localhost _only_.
that is, exploits are possible only from users that are logged in
locally.

second, AF_UNIX sockets have recently been augmented with "secret
cookies" code which is supposed to prevent attacks from unauthorized
local users. see cygwin-developers@ archive for details.

SD> I really don't want to have to setup a port-blocking
SD> firewall just to prevent this, especially considering
SD> that ZoneAlarm is doing a fine job with application-
SD> specific blocking (and I have no other services running
SD> that outsiders could abuse).

firewalling from external hosts is not (and actually was not)
necessary wrt AF_UNIX sockets.

I'd like to stress again that cygwin is still insecure and can be
exploited by users locally logged on, but there's no known remote
exploits. If anyone knows about the ways to exploit cygwin remotely,
_please_ report them to cygwin-developers mailing list.

Egor.            mailto:deo AT logos-m DOT ru ICQ 5165414 FidoNet 2:5020/496.19


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/