Date: Thu, 08 Feb 2024 18:17:39 -0800
From: Kaz Kylheku
To: Jon Turney
Cc: cygwin-announce@cygwin.com, The Cygwin Mailing List
Subject: Re: Updated: setup (2.930)

On 2024-02-07 11:57, Jon Turney via Cygwin wrote:
> A new version of Setup (2.930) has been uploaded to:
>
> https://cygwin.com/setup-x86_64.exe (64 bit version)
> https://cygwin.com/setup-x86.exe (32 bit version)
>
> Changes compared to 2.929:
>
> - Add some hardening against "DLL hijacking" attacks (Thanks to Corinna Vinschen for doing all the thinking involved)

Is this because of the report submitted by Suman Chakraborty? I didn't see any public response confirming that there is any problem, and that that action would be taken.

I see the commit:

https://cygwin.com/cgit/cygwin-apps/setup/commit/?id=0122154811bacdd7dc042cff0c80bb0a36af360c

I'm curious, what improvement arises out of looking up the SetDefaultDllDirectories function dynamically in kernel32.dll?

Is it the case that malicious software can interpose itself somehow such that the statically linked SetDefaultDllDirectories call goes elsewhere other than kernel32.dll, which we can thwart by asking for the genuine article in kernel32.dll?

(If this fixes the problem for Suman, he has some malware or antivirus crap on his PC.)
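
Added example, not part of the original message or of the setup commit: a small Python model of the documented Windows DLL search order, showing where a bare-name run-time load resolves before and after the process restricts its search to System32. The directory layout, the name `example.dll` and the choice of `LOAD_LIBRARY_SEARCH_SYSTEM32` are assumptions; the message does not say which flags the commit passes.

```python
from pathlib import PureWindowsPath

SYSTEM32 = r"C:\Windows\System32"
APP_DIR = r"C:\Users\alice\Downloads"  # constructed: where the installer was saved

# Constructed directory listing: directory -> file names present (lowercase).
FILES = {
    APP_DIR: {"setup-x86_64.exe", "example.dll"},  # stray DLL beside the installer
    SYSTEM32: {"kernel32.dll", "example.dll"},
    r"C:\Windows": set(),
}

def default_order(app_dir, cwd, path_dirs=()):
    """Documented desktop search order with SafeDllSearchMode on (the default)."""
    return [app_dir, SYSTEM32, r"C:\Windows\System", r"C:\Windows", cwd, *path_dirs]

def system32_only_order():
    """Order assumed after SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32)."""
    return [SYSTEM32]

def resolve(dll, order, files=FILES):
    """Full path this model picks for a bare DLL name, or None if not found.

    Simplified: ignores KnownDLLs, already-loaded modules and manifests, and
    covers only run-time loads by bare name, not load-time imports.
    """
    for directory in order:
        if dll.lower() in files.get(directory, set()):
            return str(PureWindowsPath(directory) / dll)
    return None

def audit(dlls, app_dir, cwd, path_dirs=()):
    """Report names that resolve outside System32 under the default order."""
    findings = []
    for dll in dlls:
        before = resolve(dll, default_order(app_dir, cwd, path_dirs))
        after = resolve(dll, system32_only_order())
        if before is not None and not before.lower().startswith(SYSTEM32.lower() + "\\"):
            findings.append((dll, before, after))
    return findings

if __name__ == "__main__":
    for name, before, after in audit(["example.dll", "kernel32.dll"], APP_DIR, APP_DIR):
        print(f"{name}: default -> {before}; System32-only -> {after}")
```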