Re: security and cygwin

[Reini Urban <rurban at x-ray dot at>]

Koskie, Sarah schrieb:
> Actually, Reini, I didn't say that I didn't know what a daemon was, I
> said that I didn't know how to find out which ones were running (without
> additional research, which, has thus far been fruitless).  

O h sorry.

> As far as I can see from what you wrote, the real issue is that windows
> is unsafe.  I don't use Explorer, and if there is an intruder on my
> machine, I already have a problem, independent of what they can do using
> cygwin services.  The question is whether someone can use cygwin to
> intrude.

You do use Explorer. You don't use IExplorer. Explorer is the Desktop. 
Several applications run several (mostly hidden) windows on the Desktop 
as SYSTEM, which can be used to gain the privileges of this process => 
SYSTEM, by classical buffer overrun methods on bad or missing input 
validation, e.g. on an edit box.
Google for "Shatter style attack exploit"
  http://security.tombom.co.uk/shatter.html

NTFS is also inherently insecure, ie. makes is easy to hide processes:
http://www.windowsecurity.com/articles/Alternate_Data_Streams.html
  type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

And of course the popular RPC exploits, which either targets directly 
the kernel or if up-to-date, other COM/DCOM components which are mostly 
entirely insecure in the default incarnations. There are several COM 
architectural flaws, where MS didn't want to burden poor MS developers 
with too much security concerns. (in contrast to CORBA btw.)

> I guess I don't see why anyone would install cygwin rather than linux
> unless they were stuck in a networked windows environment as I am, so I
> would assume that it would be designed to work reasonably in such an
> environment.  Only I and computer services have accounts on the machine.
> I have to trust computer services, and if they screw up, they can't
> blame me, so the only issue here is what I personally have to do to make
> sure I do not introduce extra security risks into the system.  (Wish the
> documentation addressed XP Pro rather than just NT.) 

The NT Family of the OS, in contrast to the Windows3-based family, which 
we call Win95.

> > -----Original Message-----
> > From: Reini Urban [mailto:rurban@x-ray.at]
> > Sent: Monday, September 20, 2004 12:13 PM
> > To: Koskie, Sarah
> > Cc: Cygwin List
> > Subject: Re: security and cygwin
> >
> > Koskie, Sarah schrieb:
> >
> > > > > Are there any other security related issues I should know about?  I
> > > > > have to assume that cygwin as installed is safe until I have time
>
> to
>
> > look
> >
> > > > > into it, so I am hoping that my faith is not misplaced.
> > > >
> > > > See the FAQ entry:
> > > >
> > > > How secure is Cygwin in a multi-user environment?
> > > > <http://cygwin.com/faq/faq_toc.html#TOC78>
> > >
> > > Thanks, but that does not answer my question.  I do not know what
> > > daemons are running.
> >
> > It does answer it.
> > If you don't know this, you are completely unsafe.
> >
> >
> > > I did not start any.  I assume some are started in
> > > the installation process but I don't know how to find out which they
> > > are.  I just searched the FAQs for any other mention of "daemon" and
> > > found none.  I have also checked the User's guide but it does not
>
> seem
>
> > > to contain any relevant info that I can see.  There should never be
>
> any
>
> > > users logged in remotely to my cygwin and if there is something I
>
> have
>
> > > to do to enforce that, that's part of what I want to know.  I should
> > > also be the only one using sftp, ssh, etc. With the previous version
>
> of
>
> > > cygwin, I was able to sftp and ssh from cygwin to other machines but
>
> not
>
> > > from other machines to  my desktop computer.  I hope that is still
>
> the
>
> > > case.  I'll check it eventually, but as mentioned, I have a
> > > more-than-full time job as other than an UNIX programmer or system
> > > administrator and I cannot just stop and spend a month setting up
> > > cygwin.  In the past I didn't have to.  The lack of relevant
> > > documentation and the complexity of the current setup and install
> > > process are extremely frustrating.
> >
> > Trust the FAQ: It's unsafe.
> > Esp. when you don't know what a daemon is. Just believe it.
> >
> > A daemon is a long-running "satanic" background process.
> > See your Task Manager on the Process Tab.
> >
> > One of the daemons you don't see is for example called "Explorer" (the
> > windows desktop). This is one of the worst security holes on windows,
> > regardless of cygwin.
> >
> > sftp, sshd, cygserver, cron and all other cygwin services are also
> > daemons, which share global data via cygwin1.dll. If you are running
> > them as user, a possible intruder can gain permissions of this user.
> > If you run cygwin programs as service the intruder might gain
> > permissions of the SYSTEM user.
> > --
> > Reini Urban
--
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/