This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: Silly question about OpenSSH and Cygwin
- To: joshua dot newton at dfs dot com
- Subject: Re: Silly question about OpenSSH and Cygwin
- From: egor duda <deo at logos-m dot ru>
- Date: Wed, 8 Aug 2001 19:07:43 +0400
- CC: cygwin at cygwin dot com
- Organization: deo
- References: <88256AA2.00500311.00@us-sfo-hub01.dfs>
- Reply-To: egor duda <cygwin at cygwin dot com>
Hi!
Wednesday, 08 August, 2001 joshua.newton@dfs.com joshua.newton@dfs.com wrote:
jndc> I'm going to cross my fingers and hope this question hasn't been asked before.
jndc> Is Cygwin still inherently insecure on a multiuser system, or is this a FAQ
jndc> entry that hasn't been revised in a while?
yes. it's still insecure. i don't know any ways to exploit cygwin
remotely, but doing so locally is rather easy. see thread
http://sources.redhat.com/ml/cygwin-developers/2001-04/msg00073.html
if you want details.
making cygwin secure requires architectural changes and adding special
"cygwin daemon" which will take care of inter-process security stuff.
there's a prototype of such daemon posted in
http://sources.redhat.com/ml/cygwin-patches/2001-q1/msg00260.html, but
i have to admit it's a bit "unpractical", i.e. its interface is not
very flexible. it works for me for several months now, though.
and i should stress out that it's _only_one_ of known security holes
in cygwin.
jndc> If it's still correct, is there any way to lock it down, or
jndc> protect Cygwin from non-admin users? The new system I was
jndc> prototyping relies on sshd running on all the workstations. I
jndc> see lots of other folks using OpenSSH on Cygwin for a variety of
jndc> things, so I'm going to guess that I missed something.
they probably don't care much ( not being paranoid :) ), or they can
trust users that logon locally on machines with sshd.
jndc> But -- we're working in a reasonably security-conscious environment, and the
jndc> last thing I want to do is explain myself to an audit team when
jndc> they find out I deployed new code that's hackable by anyone
jndc> logged into the workstations locally.
then you can help us with audit of cygwin's security! :) i believe any
potential security hole in cygwin should and _can_ be fixed, but
1) we must know about this particular hole.
2) it may take time and certain amount of efforts to fix it.
Egor. mailto:deo@logos-m.ru ICQ 5165414 FidoNet 2:5020/496.19
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/