This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: DoD Security Clearance for cygwin? (OT)


Graeme Merrall wrote:
On Wed, Aug 21, 2002 at 11:06:14AM -0500, Keen Wayne A Contr AFRL/MNGG wrote:

Cygwin is not used (at least in this office and lab) in an environment in
which its security (or lack thereof) is an issue.

Thats about all I can say and be secure.

As a non-US, non-military exposed individual I love this security stuff.
As an aside to an OT aside, the question is important. If you have a host OS that has, say, a B1 certification (which I doubt Windows has, even disconnected from the Net :-), you don't want to run a system or application on it that could theoretically allow you to bypass those access checks (say, due to a bug in the authentication and authorization code).

I wonder if anyone is sufficiently motivated to perform such a thorough security review of the entire Cygwin platform.
--
Shankar.




--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]