Date: Thu, 20 Sep 2007 11:23:17 -0400 (EDT)
From: Igor Peshansky
Reply-To: cygwin AT cygwin DOT com
To: cygwin AT cygwin DOT com
Subject: Re: Is there someone offering cygwin paid support?
In-Reply-To: <20070920145956.GA743@trixie.casa.cgf.cx>
References: <2D9E96311DCA4C48BF185EA6928BC7BB026A1822 AT asc-mail DOT int DOT ascribe DOT com> <20070918155829 DOT 1648 AT blackhawk> <20070918151831 DOT GA27067 AT trixie DOT casa DOT cgf DOT cx> <46F238A7 DOT 9090807 AT etr-usa DOT com> <20070920145956 DOT GA743 AT trixie DOT casa DOT cgf DOT cx>

On Thu, 20 Sep 2007, Christopher Faylor wrote:

> On Thu, Sep 20, 2007 at 03:08:55AM -0600, Warren Young wrote:
> >Will Parsons wrote:
> >>why would cygwin be less secure?
> >
> >The more moving parts, the more things there are to break.
> >
> >Postulate that you have a program that's been audited to the point that
> >you're absolutely certain it's 100% secure when run on Linux.
> >
> >Then you port it to Cygwin.  Is it secure?  The answer cannot be "Yes"
> >until you have also audited Cygwin itself to the same level of
> >assurance.
> >
> >Just one way it could fail is if there is a buffer overflow in the
> >implementation of one of Cygwin's interfaces, and your "100% secure"
> >program calls it.  It's then only a matter of time for a skilled hacker
> >to turn that buffer overflow into an arbitrary code execution
> >vulnerability.  At minimum, the hacker will then have the privileges of
> >the program.  Once the hacker has local access, chances are good that
> >he can parlay that into a privilege escalation attack, and it's Game
> >Over for you.
> >
> >Security is hard.
>
> I don't think I've given out a gold star for a clear explanation in a
> long time but can we get one over here?

Certainly: .
	Igor
P.S. I also owe quite a few to folks on the cygwin-apps list...
--
http://cs.nyu.edu/~pechtcha/      |\      _,,,---,,_
pechtcha AT cs DOT nyu DOT edu | igor AT watson DOT ibm DOT com   ZZZzz /,`.-'`'    -.  ;-;;,_
Igor Peshansky, Ph.D. (name changed!)   |,4-  ) )-,_. ,\ (  `'-'
old name: Igor Pechtchanski             '---''(_/--'  `-'\_)  fL
a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

Belief can be manipulated.  Only knowledge is dangerous.  -- Frank Herbert

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
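The failure mode Warren describes above, a correct caller undone by a bounds bug in the compatibility layer it calls, shown as an added C example. This is not code from the thread and not Cygwin code: `compat_fill_path_unchecked` and `compat_fill_path_checked` are constructed stand-ins for a layer interface that translates a native path into a POSIX path and writes it into a caller-supplied buffer, and the sample paths are made up. The caller side is "audited": it sizes its buffer and passes that size. The harness places the caller's buffer at the start of a larger arena and fills the rest with a canary standing in for whatever the caller keeps next to it (in a real process a saved return address or a function pointer), so the overrun is counted without the program itself writing out of bounds.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a compatibility-layer call (NOT a Cygwin API):
 * copy the already-translated POSIX path into the caller's buffer.
 * Bug: the copy length is taken from the source, buflen is never consulted,
 * so a long path overwrites whatever follows the caller's buffer. */
int compat_fill_path_unchecked(char *buf, size_t buflen, const char *translated)
{
    size_t n = strlen(translated) + 1;  /* includes the NUL */
    (void)buflen;                        /* the bug: size ignored */
    memcpy(buf, translated, n);
    return 0;
}

/* Hardened form of the same interface: fail closed with ERANGE when the
 * result does not fit, the way getcwd(3) reports an undersized buffer. */
int compat_fill_path_checked(char *buf, size_t buflen, const char *translated)
{
    size_t n = strlen(translated) + 1;
    if (n > buflen) {
        errno = ERANGE;
        return -1;
    }
    memcpy(buf, translated, n);
    return 0;
}

struct audit_result {
    int rc;            /* return value of the layer call */
    int err;           /* errno after the call, 0 on success */
    size_t clobbered;  /* canary bytes overwritten past the caller's buffer */
};

/* Run one layer call with a correctly sized caller buffer and count how
 * much memory beyond that buffer the call disturbed. The arena is larger
 * than the buffer so the harness itself stays within allocated memory. */
struct audit_result run_port_audit(int (*layer_call)(char *, size_t, const char *),
                                   const char *translated)
{
    enum { BUFLEN = 16, SLACK = 48, CANARY = 0xA5 };
    struct audit_result r = { 0, 0, 0 };
    unsigned char *arena = malloc(BUFLEN + SLACK);
    if (!arena) {
        r.rc = -1;
        r.err = ENOMEM;
        return r;
    }
    memset(arena, CANARY, BUFLEN + SLACK);

    errno = 0;
    r.rc = layer_call((char *)arena, BUFLEN, translated);  /* caller passes its true size */
    r.err = (r.rc == 0) ? 0 : errno;

    for (size_t i = BUFLEN; i < BUFLEN + SLACK; i++)
        if (arena[i] != CANARY)
            r.clobbered++;

    free(arena);
    return r;
}

/* Constructed inputs: one that fits a 16-byte buffer, one that does not. */
static const char SHORT_PATH[] = "/home/user";                                  /* 11 bytes with NUL */
static const char LONG_PATH[]  = "/cygdrive/c/Users/someone/Documents/project"; /* 44 bytes with NUL */

int main(void)
{
    struct audit_result u = run_port_audit(compat_fill_path_unchecked, LONG_PATH);
    struct audit_result c = run_port_audit(compat_fill_path_checked, LONG_PATH);

    printf("unchecked layer: rc=%d clobbered %zu bytes past the caller's buffer\n",
           u.rc, u.clobbered);
    printf("checked layer:   rc=%d errno=%d clobbered %zu bytes\n",
           c.rc, c.err, c.clobbered);
    return 0;
}
```

The caller is the same in both runs and never writes past its own buffer; the only thing that changes is the layer beneath it. That is the point of the post: the audit of the program says nothing about the 28 bytes the unchecked layer overwrites, and a real program would have to be re-audited together with every such interface it calls.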