From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: BLODA detection code in latest snapshot
Date: Wed, 29 Feb 2012 09:26:00 -0000 [thread overview]
Message-ID: <20120229085527.GO23440@calimero.vinschen.de> (raw)
In-Reply-To: <16210489654.20120229024137@mtu-net.ru>
On Feb 29 02:41, Andrey Repin wrote:
> Greetings, Corinna Vinschen!
>
> > Yup, confirmed. This occurs on W7/32 as well.
> > I add shlwapi to the list of filtered DLLs for which no such message is printed.
>
> Could you please consider making such list configurable, if it's not much of
> an issue?
> This feature seems to be the reasonable way for rough detection of potentially
> malicious presence, but I would like to avoid certain handlers to be reported,
> such as antivirus' LSP or keyboard hotkey handler.
Hmm. Well, this option isn't meant to be used all the time. It's not
overly intrusive, but it costs time and Cygwin already isn't exactly
fast. For a pure diagnosing tool, does it makes sense to add lots
of configuration options?
If you want to make the DLL list configurable, what's your idea? Another
env var like, say CYGWIN_DETECT_BLODA_DLL_IGNORE_LIST?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2012-02-29 8:56 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-27 14:38 Corinna Vinschen
2012-02-27 15:23 ` Larry Hall (Cygwin)
2012-02-28 8:16 ` David Rothenberger
2012-02-28 8:17 ` David Rothenberger
2012-02-28 9:43 ` Corinna Vinschen
2012-02-28 23:20 ` Andrey Repin
2012-02-29 9:26 ` Corinna Vinschen [this message]
2012-02-29 12:46 ` Andrey Repin
2012-02-29 14:45 ` Ryan Johnson
2012-03-01 23:05 ` Andrey Repin
2012-02-28 9:40 ` Corinna Vinschen
2012-03-21 9:40 ` Denis Excoffier
2012-03-21 10:44 ` Corinna Vinschen
2012-03-21 11:05 ` Denis Excoffier
2012-03-21 11:44 ` Corinna Vinschen
2012-02-29 15:01 ` Ryan Johnson
2012-02-29 15:18 ` Corinna Vinschen
2012-02-29 16:35 ` Ryan Johnson
2012-03-01 9:54 ` Corinna Vinschen
2012-03-01 13:19 ` Ryan Johnson
2012-03-01 13:53 ` Corinna Vinschen
2012-03-30 20:51 ` Christian Franke
2012-03-30 21:15 ` David Rothenberger
2012-03-30 23:37 ` Yaakov (Cygwin/X)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120229085527.GO23440@calimero.vinschen.de \
--to=corinna-cygwin@cygwin.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).