Re: Updated: setup (2.930)

public inbox for cygwin-announce@cygwin.com
 help / color / mirror / Atom feed

From: Kaz Kylheku <kaz@kylheku.com>
To: Jon Turney <jon.turney@dronecode.org.uk>
Cc: cygwin-announce@cygwin.com, The Cygwin Mailing List <cygwin@cygwin.com>
Subject: Re: Updated: setup (2.930)
Date: Thu, 08 Feb 2024 18:17:39 -0800	[thread overview]
Message-ID: <23db00778577ab0853fe1026befb9fe8@kylheku.com> (raw)
In-Reply-To: <6a25c776-98bb-4240-8a57-7081324c5a05@dronecode.org.uk>

On 2024-02-07 11:57, Jon Turney via Cygwin wrote:
> A new version of Setup (2.930) has been uploaded to:
> 
>  https://cygwin.com/setup-x86_64.exe  (64 bit version)
>  https://cygwin.com/setup-x86.exe     (32 bit version)
> 
> Changes compared to 2.929:
> 
> - Add some hardening against "DLL hijacking" attacks (Thanks to Corinna Vinschen for doing all the thinking involved)

Is this because of the report submitted by Suman Chakraborty?

I didn't see any public response confirming that there is any problem,and that that action would be taken.

I see the commit: https://cygwin.com/cgit/cygwin-apps/setup/commit/?id=0122154811bacdd7dc042cff0c80bb0a36af360c

I'm curious, what improvement arises out of looking up the SetDefaultDllDirectories
function dynamically in kernel32.dll?

Is it the case that malicious software can interpose itself somehow such that
the statically linked SetDefaultDllDirectories call goes elsewhere other than
kernel32.dll, which we can thwart by asking for the genuine article in kernel32.dll?

(If this fixes the problem for Suman, he has some malware or antivirus crap on his PC.)

     prev parent reply	other threads:[~2024-02-09  2:17 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-07 19:57 Jon Turney
2024-02-09  2:17 ` Kaz Kylheku [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=23db00778577ab0853fe1026befb9fe8@kylheku.com \
    --to=kaz@kylheku.com \
    --cc=cygwin-announce@cygwin.com \
    --cc=cygwin@cygwin.com \
    --cc=jon.turney@dronecode.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).