X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org DC8513858289
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1671709556;
	bh=dbs7bPdT3qKm9mimaju2JXRF57OdmJPmfoaLQcvdn1E=;
	h=Date:To:Cc:Subject:In-Reply-To:References:List-Id:
	 List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:
	 From:Reply-To:From;
	b=jW1jba+Yb7wdOU3RS/njqE4rMmZJIZr8LIPKYrcE6FBN5hqBpq+Npk+exHy3au0lD
	 whoG9ZJjXgheW28YtdAtYgENYTp6WIVmete1qdBv/wgFj45UyH5OAidu2sKfMRzoBQ
	 +nOxxZSioXKaA4+n7u4VvPiatVJKFFRwB/v6m5iI=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 3B3063858D1E
DKIM-Filter: OpenDKIM Filter v2.10.3 conssluserg-05.nifty.com 2BMBj0UD027933
X-Nifty-SrcIP: [220.150.135.41]
Date: Thu, 22 Dec 2022 20:45:00 +0900
To: cygwin AT cygwin DOT com
Cc: Christopher Ng <facboy AT gmail DOT com>
Subject: Re: Windows file security
Message-Id: <20221222204500.5eb10d63b00bea87d1769b34@nifty.ne.jp>
In-Reply-To: <CAN5wt5pwK=6rkxZiZbku_50LAa20eHfVrQsgsb8WE4JbS7tJfw@mail.gmail.com>
References: <CAN5wt5pwK=6rkxZiZbku_50LAa20eHfVrQsgsb8WE4JbS7tJfw AT mail DOT gmail DOT com>
X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.30; i686-pc-mingw32)
Mime-Version: 1.0
X-Spam-Status: No, score=-5.2 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, NICE_REPLY_A, RCVD_IN_DNSWL_NONE,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Takashi Yano via Cygwin <cygwin AT cygwin DOT com>
Reply-To: Takashi Yano <takashi DOT yano AT nifty DOT ne DOT jp>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>

On Thu, 22 Dec 2022 11:26:08 +0000
Christopher Ng wrote:
> hi,
> 
> is it possible to secure the files of the cygwin installation?  i
> notice that at the 'regular' cygwin prompt i can write to any
> directory, and modify anything.  isn't this somewhat insecure if eg
> i'm running cygwin as an ssh server, but any process running as me can
> go and modify sshd?
> 
> how does one make files non-writable by normal users?

1) Remove Administrators rights from normal users.
2) Enable Administrator account.
3) Install cygwin using Administrator account.

Then the cygwin system files will not be writable
by normal users.

-- 
Takashi Yano <takashi DOT yano AT nifty DOT ne DOT jp>

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple