On 28/06/2006, at 1:32 PM, Tim Churches wrote:
Last time I looked at Cygwin was back in Win NT days (mid to late 1990s). One concern then was that many of the cygwin tools completely bypassed the Windows NT security arrangements, in part due to a culture clash between the Unix security model (Cygwin provides Unix facilities on Windows) and the Windows way of doing security (not!). Nearly a decade later, is that still an issue? That is, does installing Cygwin on an otherwise nominally secured and patched Windows 2000 or 2003 or XP box undermine its security model in any way, or does Cygwin play more nicely with teh Windows concept of security management now?
You can run Cygwin in NTSEC mode which passes the authentication to Windows, but if it is your only opening to the world, I'd prefer to rely on Unix authentication, then requiring secondary credentials to access any of the Windows services.
At a fundamental level, I guess you're introducing powerful tools to an operating system that is not inherently secure, and you could argue that this is a security lapse.
Peter. _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
