X-Recipient: archive-cygwin AT delorie DOT com
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org AC60B3857807
Authentication-Results: sourceware.org; dmarc=none (p=none dis=none)
 header.from=linuxandria.com
Authentication-Results: sourceware.org;
 spf=pass smtp.mailfrom=admin AT linuxandria DOT com
ARC-Seal: i=1; a=rsa-sha256; t=1598366222; cv=none; 
 d=zohomail.com; s=zohoarc; 
 b=h+7Qd8Y9RyvQyyYbtVxNOPkIbvZxAOkrLO+2krqal+YJdnoUceKv3npbqymCfmORpyZYQwJnKazOQn2ZVlpVH3eAVACSsFeZ/i1rbfGeQgdhpSmohKgreqM7yWpd4Zl09/8iDyct/+DBm1KlMVRR7J8zFUbp0PLUFyUQE8ZKIDA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc; t=1598366222;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
 bh=msTv5XHMnf27FASXk/ZAWlQfP0eqQIGgKBGne+D3SgQ=; 
 b=MyRAoZ7cdDDVq/lWKoordG2qU4DOMdhbOVPVFVMk2T35HIOiZAhzMWTpy358uXiEYjThKNtVKeOHQ506Ss1X+N7EHiHhvfhnrS7ZhnrDF4kRmi+jDstDiIkCjWHlPHZlZjRTV10kyeibiOcZRMOux5Q3YQLle2VuxBPCUjFqLaU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
 dkim=pass  header.i=linuxandria.com;
 spf=pass  smtp.mailfrom=admin AT linuxandria DOT com;
 dmarc=pass header.from=<admin AT linuxandria DOT com>
 header.from=<admin AT linuxandria DOT com>
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; 
 s=default; d=linuxandria.com; 
 h=from:to:cc:references:in-reply-to:subject:date:message-id:mime-version:content-type;
 b=izTwgwhd+KxAXXx0OYRhNORv9G6yfs0G+a9lj8DEzmMWj3eEUKbHNThRVAgy31wwhstfQuUsKtWG
 EUMtxdh7/slLE+pVwh9bLaM+MLcuKqZ7aYMV6WT3BrF/z3lZiAQLmuUjUZgTi9kviiRQiTJo56yT
 CFq8btNq6EnRF++WOGk=  
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1598366222; 
 s=default; d=linuxandria.com; i=admin AT linuxandria DOT com;
 h=From:To:Cc:References:In-Reply-To:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding;
 bh=msTv5XHMnf27FASXk/ZAWlQfP0eqQIGgKBGne+D3SgQ=;
 b=FXoDPkfb7hN49fSUfndZr+gBMANT+a9rMzjnG74Tm8o7g6Ii60ddH5RU7mPwBcBW
 xOa6JopzDq9CK8fjbEiHQZMQ/+jKNmcnZDYHMKF+05jKgk46GkP8b8r4/dsk1O+02yc
 3gYYkZvhvvqpSMsSaCnetzYTPO9WEPaF8KL/QsIs=
From: "Alexandria Cortez" <admin AT linuxandria DOT com>
To: "'Eliot Moss'" <moss AT roc DOT cs DOT umass DOT edu>
References: <!&!AAAAAAAAAAAuAAAAAAAAAALnY9Oyj39Bmm+bZ+AsdEYBAMO2jhD3dRHOtM0AqgC7tuYAAAAAAA4AABAAAACpqdOkYbaoTKteTcuy1wdvAQAAAAA=@linuxandria.com>
 <4AA035EB-1325-4C1B-B399-28FC9176F203 AT roc DOT cs DOT umass DOT edu>
In-Reply-To: <4AA035EB-1325-4C1B-B399-28FC9176F203@roc.cs.umass.edu>
Subject: RE: Mandatory ASLR breaks Cygwin - Windows 10
Date: Tue, 25 Aug 2020 10:36:55 -0400
Message-ID: <006c01d67aed$2f7f0660$8e7d1320$@linuxandria.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQKHdN2I7RjeEs9XHVIuOgXE8fUDuQI8fs8Gp9UMWRA=
Content-Language: en-us
X-ZohoMailClient: External
X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_20, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, KAM_NUMSUBJECT, RCVD_IN_DNSWL_NONE,
 RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=no autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
Cc: cygwin AT cygwin DOT com
Content-Type: text/plain; charset="utf-8"
Sender: "Cygwin" <cygwin-bounces AT cygwin DOT com>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 07PEbbSc001476

That's unfortunate. 

Is there any plans to implement a workaround in the future? Seeing as Cygwin is only one of two programs I've noticed that are broken with it on, it would be nice to be able to have it on from a security perspective.

-----Original Message-----
From: Eliot Moss <moss AT roc DOT cs DOT umass DOT edu> 
Sent: Tuesday, August 25, 2020 10:35 AM
To: Alexandria Cortez <admin AT linuxandria DOT com>
Cc: cygwin AT cygwin DOT com
Subject: Re: Mandatory ASLR breaks Cygwin - Windows 10

It’s intentional; too long to explain in detail on phone, but fork requires each dll to load in the child at the same address as in the parent, and ASLR interferes with achieving that.

Sent from my iPhone

> On Aug 25, 2020, at 10:17 AM, Alexandria Cortez <admin AT linuxandria DOT com> wrote:
> 
> I was experimenting with security settings this morning on windows, and
> after changing Mandatory ASLR (Windows Security -> App and Browser Control
> -> Exploit Protection) to default on, no Cygwin programs that rely on the
> Cygwin dll would start, stating that a resource was temporarily unavailable
> and could not fork. Rebasell, bash, you name it crashed and would not start.
> After some investigation, turning off that setting allows Cygwin to work.
> 
> 
> 
> Now the next question: why does this not work? Is this intended behavior or
> a bug? Having that setting turned on seems like a good idea from a security
> standpoint, and who knows it  may eventually become default.
> 
> 
> 
> Regards,
> 
> Alexandria C.
> 
> <cygcheck.out>
> --
> Problem reports:      https://cygwin.com/problems.html
> FAQ:                  https://cygwin.com/faq/
> Documentation:        https://cygwin.com/docs.html
> Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple


--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple