Write access for BUILTIN\USERS - cygwin privilege escalation vulnerability for Windows 2008 default installation
Christopher Faylor
cgf-use-the-mailinglist-please@cygwin.com
Mon Sep 21 18:39:00 GMT 2009
On Mon, Sep 21, 2009 at 05:19:35PM +0100, Dave Korn wrote:
> Therefore Cygwin should never be deployed to provide services to untrusted
>users on a 'net-facing server. It's just not a real OS(*).
Cygwin is not a floor wax either. It's just barely a dessert topping.
cgf
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list