* Compliments, and Security
@ 2000-04-28 16:00 Braddock Gaskill
2000-04-28 16:08 ` Chris Faylor
0 siblings, 1 reply; 2+ messages in thread
From: Braddock Gaskill @ 2000-04-28 16:00 UTC (permalink / raw)
To: cygwin
First off, I really wanted to compliment you guys on some excellent
progress the past few months. I did an install in January, and then
an install of the latest this week, and the new system just seems FAR
more rebustly setup, and the X work is just coming along incredibly.
I will be very surprised if GNOME isn't running smoothly under Win2k
by the end of the year thanks to this foundation.
My one real..uh..feedback is that the new ftp directory layout makes
it very difficult to download just the binary packages, or to even
know what version you're downloading. And damn, that old
self-extracting GUI setup that you had in January sure made things
feel simpler. Still, once installed, the configuration seems much
cleaner. It'd be nice if the "mount v2" registry info was placed in
the HK_Local_Machine instead of the Current_User if the install is
done as Administrator...took me a while to get the hang of the `cd
/;bin/umount /;bin/mount -s -b //d/blahblah /` so things worked in
user accounts.
Now I want to install CygWin on all the lab machines I administer. My
question is security. Can CygWin be easilly exploited by a User to
gain Administrator access to the machine? I understand there are
security problems associated with the shared-memory technique CygWin
uses, but am I relatively safe as long as no Cygwin processes are
being run in the background as Administrator? I'm not a guru on the
Windows Security model (or anything with an MS logo on it for that
matter).
Thanks for the terrific work!
-Braddock
--
JHU ECE Dept System & Network Administrator
Long-term copyrights: Keeping all the knowledge from all the world's people.
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Compliments, and Security
2000-04-28 16:00 Compliments, and Security Braddock Gaskill
@ 2000-04-28 16:08 ` Chris Faylor
0 siblings, 0 replies; 2+ messages in thread
From: Chris Faylor @ 2000-04-28 16:08 UTC (permalink / raw)
To: cygwin
On Fri, Apr 28, 2000 at 07:10:34PM -0400, Braddock Gaskill wrote:
>My one real..uh..feedback is that the new ftp directory layout makes it
>very difficult to download just the binary packages, or to even know
>what version you're downloading. And damn, that old self-extracting
>GUI setup that you had in January sure made things feel simpler.
The GUI setup that we had for the last two years made things feel
like
"I tried to download your full.exe and it says EXE is corrupted!
What's going on?"
or
"I tried to download your full.exe and it says that files are missing.
What gives?"
or
"I downloaded the pieces of the full.exe. How do I put them together?"
Out of curiousity, was there a reason why you didn't just run
"setup.exe" and download from the interent?
To answer your security issues question, I am not aware of any specific
exploits but I would not be surprised if there were problems if you
installed a daemon or ran a program as administrator.
cgf
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2000-04-28 16:08 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2000-04-28 16:00 Compliments, and Security Braddock Gaskill
2000-04-28 16:08 ` Chris Faylor
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).