Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Mon, 22 Dec 2003 23:57:51 -0500 From: Christopher Faylor To: cygwin AT cygwin DOT com Cc: "Pierre A. Humblet" Subject: Re: Unable to compile cygwin Message-ID: <20031223045751.GB10202@redhat.com> Mail-Followup-To: cygwin AT cygwin DOT com, "Pierre A. Humblet" References: <20031222215956 DOT GB32638 AT redhat DOT com> <20031223015333 DOT GA7322 AT redhat DOT com> <20031223041300 DOT GA1004023 AT hpn5170x> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031223041300.GA1004023@hpn5170x> User-Agent: Mutt/1.4.1i X-IsSubscribed: yes Reply-To: cygwin AT cygwin DOT com On Mon, Dec 22, 2003 at 11:13:00PM -0500, Pierre A. Humblet wrote: >I believe that the latest snapshot is "as secure as Windows" in the case >where the only Cygwin processes are logged in using Terminal Services >on Windows 2003 or Windows 2000 sp4, and do not have the "Create Global >Object" privilege (please don't laugh, that's an achievement). >That is, if such a user runs cygwin compiled programs under a cygwin shell, >he is no more exposed and has no more power that if running regular Windows >programs under cmd.exe There are still other holes. However, while I understand that there is no real security in security through obscurity, I don't think it is useful to discuss all of the specific holes we know of in a public list. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/