This is the mail archive of the
cygwin@sourceware.cygnus.com
mailing list for the Cygwin project.
Re: Security hole in gnu-win32-gcc
- To: Mikey <jeffdb at netzone dot com>
- Subject: Re: Security hole in gnu-win32-gcc
- From: David Dyck <dcd at TC dot FLUKE dot COM>
- Date: Thu, 11 Sep 1997 08:37:34 -0700
- cc: dahms at ifk20 dot mach dot uni-karlsruhe dot de, gnu-win32 at cygnus dot com
Quite a while ago I read the documents that described
the test that were done for the higher level security.
It assumed that Networking must have been turned off!
It also assumed that the ability to debug programs was
also turned off.
Obviously, the didn't plan on C2 developer security :-)
On Thu, 11 Sep 1997, Mikey wrote:
> Happens even on NT if system isn't configured for C2 security.
>
> +10% security -20% speed
>
> Don't you love Bill?
>
> On Thu, 11 Sep 1997 02:28:54 +0200 (METDST), you wrote:
>
> >Hi Daniel, you wrote:
> >
> >: I discovered a security hole in cygnus gnu-win32 gcc: Obviously,
> >: allocated ram is not initialised. The generated binaries thus contain
> >
> >W95 only. Shouldn't happen under NT, else it wouldn't be C2 certified.
> >
> >
> >Bye, Heribert (dahms@ifk20.mach.uni-karlsruhe.de)
> >-
> >For help on using this list (especially unsubscribing), send a message to
> >"gnu-win32-request@cygnus.com" with one line of text: "help".
> >
>
> (jeffdbREMOVETHIS@netzone.com)
> delete REMOVETHIS from the above to reply
> Mikey
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".