This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: security and cygwin


Koskie, Sarah schrieb:
Are there any other security related issues I should know about?  I
have to assume that cygwin as installed is safe until I have time to look
into it, so I am hoping that my faith is not misplaced.

See the FAQ entry:


How secure is Cygwin in a multi-user environment?
<http://cygwin.com/faq/faq_toc.html#TOC78>

Thanks, but that does not answer my question. I do not know what
daemons are running.

It does answer it. If you don't know this, you are completely unsafe.

I did not start any. I assume some are started in
the installation process but I don't know how to find out which they
are. I just searched the FAQs for any other mention of "daemon" and
found none. I have also checked the User's guide but it does not seem
to contain any relevant info that I can see. There should never be any
users logged in remotely to my cygwin and if there is something I have
to do to enforce that, that's part of what I want to know. I should
also be the only one using sftp, ssh, etc. With the previous version of
cygwin, I was able to sftp and ssh from cygwin to other machines but not
from other machines to my desktop computer. I hope that is still the
case. I'll check it eventually, but as mentioned, I have a
more-than-full time job as other than an UNIX programmer or system
administrator and I cannot just stop and spend a month setting up
cygwin. In the past I didn't have to. The lack of relevant
documentation and the complexity of the current setup and install
process are extremely frustrating.

Trust the FAQ: It's unsafe. Esp. when you don't know what a daemon is. Just believe it.

A daemon is a long-running "satanic" background process.
See your Task Manager on the Process Tab.

One of the daemons you don't see is for example called "Explorer" (the windows desktop). This is one of the worst security holes on windows, regardless of cygwin.

sftp, sshd, cygserver, cron and all other cygwin services are also daemons, which share global data via cygwin1.dll. If you are running them as user, a possible intruder can gain permissions of this user.
If you run cygwin programs as service the intruder might gain permissions of the SYSTEM user.
--
Reini Urban



-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]