X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-0.8 required=5.0	tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,T_RP_MATCHES_RCVD
X-Spam-Check-By: sourceware.org
Message-ID: <20100808125129.sfrtttc6oswkw4c4@webmail.bangor.ac.uk>
Date: Sun, 08 Aug 2010 12:51:29 +0100
From: cbsa01 AT bangor DOT ac DOT uk
To: moss AT cs DOT umass DOT edu
Cc: llio AT testun DOT co DOT uk, cygwin AT cygwin DOT com
Subject: Re: Moses with Cygwin on Windows 7
References: <009b01cb3572$08902780$19b07680$@co.uk>	<4C5C1C67 DOT 8060508 AT cs DOT umass DOT edu>	<20100807222339 DOT gwq7fz62o04g8w8s AT webmail DOT bangor DOT ac DOT uk>	<4C5DED62 DOT 6030606 AT cs DOT umass DOT edu>
In-Reply-To: <4C5DED62.6030606@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain;	charset=ISO-8859-1;	DelSp="Yes";	format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Internet Messaging Program (IMP) H3 (4.1.3)
X-BU-User: cbsa01
X-BU-MailScanner: Found to be clean, Found to be clean
X-BU-MailScanner-SpamCheck: nid sbam/not spam (goddefadwy/whitelisted), nid sbam/not spam (goddefadwy/whitelisted),	SpamAssassin (not cached, sgor/score=0.826, yn ofynnol/required 4.5,	autolearn=disabled, MAILTO_TO_SPAM_ADDR 0.28, NO_REAL_NAME 0.55)
X-BU-MailScanner-Information: Please contact the ISP for more information
X-MailScanner-ID: o78BpbcA014278
X-BU-MailScanner-From: cbsa01 AT bangor DOT ac DOT uk
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Dear Eliot,
your script does indeed sound much better.  Is it available to share?=20=20=
=20
Many thanks for sharing your insights in any case.
Best regards,
Llio Humphreys

Quoting Eliot Moss <moss AT cs DOT umass DOT edu>:

> On 8/7/2010 5:23 PM, cbsa01 AT bangor DOT ac DOT uk wrote:
>
>> many thanks for your reply. On why we need cygwin: the language=20=20=20
>> model we use is IRSTLM. The native
>> windows build of Moses does not currently use IRSTLM LMs.
>
> I know next to nothing about Moses, so I'll just trust you on this one!
>
>> I have been reading up a bit about debasing DLLs, and I gather from
>> http://www.codeproject.com/KB/DLL/RebaseDll.aspx that the purpose=20=20=
=20
>> is to avoid either two or more
>> DLLs using the same preferred base addresses, or the overheads of=20=20=
=20
>> relocation. However, on
>> http://social.msdn.microsoft.com/Forums/en-US/vcgeneral/thread/bac7e300-=
f3df-4087-9c4b-847880d625ad,
>> it is suggested that from Vista onwards, it is better to leave this=20=
=20
>>  to the operating systems's ASLR
>> (Address space layout randomization) in order to help defeat a=20=20=20
>> ?return-to-libc? attack. Do you agree
>> with this? If it is still necessary to do a rebase, what does your=20=20=
=20
>> script do that rebaseall doesn't?
>
> The problem is that the address space randomization interferes with how
> cygwin support fork().  Suppose a parent process maps library A at
> address X, but does not map library B at all.  Then suppose a forked
> process is not yet using library A, and ends up mapping library B
> at an address that overlaps X.  Then the child reaches a point where
> it needs to use library A.  The implementation of cygwin requires
> that if a parent and child use the same library, it must be at the
> same address.  Therefore the child's mapping attempt will block.
> That gives a sense of the scenario.  That may not be the exact
> case, but it's like that. Basically, we need to guarantee that all
> cygwin dlls map to different preferred places.
>
> Yes, this defeats the OS attempt to defeat a security attack.
>
> My script finds and rebases every dll file that cygwin 'find' can
> locate, while rebaseall only does certain directories.  For me,
> the difference lies in (at least) some perl-related dlls that are
> not where rebaseall looks.
>
> Another important thing is that the distance between preferred
> locations needs to be a little bigger than the default for rebase,
> on Vista (and Windows 7).  This is an obscure thing that Corinna
> found a while back and took me quite a while to locate in old
> email threads, but before I set that parameter, rebasing did not
> work right for me and after adding that it did.  Maybe they have
> changed the default by now, but I don't think so.
>
>> Re UAC prompts: this does look annoying but corporate security=20=20=20
>> regulations may prevent us from
>> turning it off completely. Is there some way to turn it off for=20=20=20
>> individual programs without using
>> third-party software?
>
> That lies outside my expertise.  I just turned it off.
>
> Best wishes -- Eliot Moss



----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple