On Thu, 20 Sep 2007, Christopher Faylor wrote: > On Thu, Sep 20, 2007 at 03:08:55AM -0600, Warren Young wrote: > >Will Parsons wrote: > >>why would cygwin be less secure? > > > >The more moving parts, the more things there are to break. > > > >Postulate that you have a program that's been audited to the point that > >you're absolutely certain it's 100% secure when run on Linux. > > > >Then you port it to Cygwin. Is it secure? The answer cannot be "Yes" > >until you have also audited Cygwin itself to the same level of > >assurance. > > > >Just one way it could fail is if there is a buffer overflow in the > >implementation of one of Cygwin's interfaces, and your "100% secure" > >program calls it. It's then only a matter of time for a skilled hacker > >to turn that buffer overflow into an arbitrary code execution > >vulnerability. At minimum, the hacker will then have the privileges of > >the program. Once the hacker has local access, chances are good that > >he can parlay that into a privilege escalation attack, and it's Game > >Over for you. > > > >Security is hard. > > I don't think I've given out a gold star for a clear explanation in a > long time but can we get one over here?
Certainly: <http://cygwin.com/goldstars/#WY>. Igor P.S. I also owe quite a few to folks on the cygwin-apps list... -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_ [EMAIL PROTECTED] | [EMAIL PROTECTED] ZZZzz /,`.-'`' -. ;-;;,_ Igor Peshansky, Ph.D. (name changed!) |,4- ) )-,_. ,\ ( `'-' old name: Igor Pechtchanski '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! Belief can be manipulated. Only knowledge is dangerous. -- Frank Herbert -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/