This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Compliments, and Security

First off, I really wanted to compliment you guys on some excellent
progress the past few months.  I did an install in January, and then
an install of the latest this week, and the new system just seems FAR
more rebustly setup, and the X work is just coming along incredibly.
I will be very surprised if GNOME isn't running smoothly under Win2k
by the end of the year thanks to this foundation.  

My one is that the new ftp directory layout makes
it very difficult to download just the binary packages, or to even
know what version you're downloading.  And damn, that old
self-extracting GUI setup that you had in January sure made things
feel simpler.  Still, once installed, the configuration seems much
cleaner.  It'd be nice if the "mount v2" registry info was placed in
the HK_Local_Machine instead of the Current_User if the install is
done as Administrator...took me a while to get the hang of the `cd
/;bin/umount /;bin/mount -s -b //d/blahblah /` so things worked in
user accounts.

Now I want to install CygWin on all the lab machines I administer.  My
question is security.  Can CygWin be easilly exploited by a User to
gain Administrator access to the machine?  I understand there are
security problems associated with the shared-memory technique CygWin
uses, but am I relatively safe as long as no Cygwin processes are
being run in the background as Administrator?  I'm not a guru on the
Windows Security model (or anything with an MS logo on it for that

	Thanks for the terrific work!

JHU ECE Dept System & Network Administrator
Long-term copyrights: Keeping all the knowledge from all the world's people.

Want to unsubscribe from this list?
Send a message to

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]