This is the mail archive of the
cygwin-developers@cygwin.com
mailing list for the Cygwin project.
Re: Unable to compile cygwin
- From: Christopher Faylor <cgf at redhat dot com>
- To: cygwin-developers at cygwin dot com
- Date: Wed, 24 Dec 2003 10:47:52 -0500
- Subject: Re: Unable to compile cygwin
- References: <20031223041300.GA1004023@hpn5170x> <BAY9-F16kERMwSuWPjm00018ce5@hotmail.com> <20031222215956.GB32638@redhat.com> <bs7rcu$bcf$1@sea.gmane.org> <20031223015333.GA7322@redhat.com> <20031223041300.GA1004023@hpn5170x> <3.0.5.32.20031224103755.00823100@incoming.verizon.net>
- Reply-to: cygwin-developers at cygwin dot com
On Wed, Dec 24, 2003 at 10:37:55AM -0500, Pierre A. Humblet wrote:
>At 11:57 PM 12/22/2003 -0500, Christopher Faylor wrote:
>>On Mon, Dec 22, 2003 at 11:13:00PM -0500, Pierre A. Humblet wrote:
>>>I believe that the latest snapshot is "as secure as Windows" in the case
>>>where the only Cygwin processes are logged in using Terminal Services
>>>on Windows 2003 or Windows 2000 sp4, and do not have the "Create Global
>>>Object" privilege (please don't laugh, that's an achievement).
>>>That is, if such a user runs cygwin compiled programs under a cygwin shell,
>>>he is no more exposed and has no more power that if running regular Windows
>>>programs under cmd.exe
>>
>>There are still other holes.
>>
>>However, while I understand that there is no real security in security
>>through obscurity, I don't think it is useful to discuss all of the
>>specific holes we know of in a public list.
>
>Can you be more explicit on this list, or privately?
http://sources.redhat.com/ml/cygwin-patches/2003-q4/msg00226.html