X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Message-ID: <46F06235.11A4C514@dessent.net>
Date: Tue, 18 Sep 2007 16:41:41 -0700
From: Brian Dessent <brian AT dessent DOT net>
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: Is there someone offering cygwin paid support?
References: <e2712e1d0709140741n37326b85x8e9ef9a573f77a79 AT mail DOT gmail DOT com> <2D9E96311DCA4C48BF185EA6928BC7BB026A1822 AT asc-mail DOT int DOT ascribe DOT com> <e2712e1d0709170939m61231a41k665ba93e151495bd AT mail DOT gmail DOT com> <fcmgrl$m5s$1 AT sea DOT gmane DOT org> <e2712e1d0709171249l856e9b1wd20369091011e723 AT mail DOT gmail DOT com> <fcn658$vkl$1 AT sea DOT gmane DOT org> <20070918155829 DOT 1648 AT blackhawk> <20070918151831 DOT GA27067 AT trixie DOT casa DOT cgf DOT cx> <slrnff0nrp DOT og DOT oudeis AT isis DOT thalatta DOT eme>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Reply-To: cygwin AT cygwin DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Will Parsons wrote:

> I'm curious about this.  I think I recall from years ago a response to an
> enquiry about cygwin security that was basically along the lines that cygwin
> is as secure as the underlying Windows system.  That made sense to me - why
> would cygwin be less secure?

Fundamentally, yes, Cygwin is just a normal user mode library so at the
end of the day all the security restrictions of the operating system
still apply.  But consider what happens if you compile POSIX code that
uses e.g. chroot().  There is no such syscall on Windows, so Cygwin
emulates it.  But since Cygwin is not part of the operating system, it
can't actually prevent the program from accessing something outside of
the new root, say by directly calling the Win32 API or using a Win32
filename.  A server daemon for example that ran in a chroot jail would
represent a valid security technique on Linux -- this would work as well
on paper in Cygwin but it would represent a false sense of security
because it's not actually going to prevent much.

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/