Re: Trusted Software Vendor

Re: Trusted Software Vendor

[Václav Zeman]

[-- Attachment #1: Type: text/plain, Size: 677 bytes --]

On 06/08/2012 08:46 PM, Christopher Faylor wrote:
> On Fri, Jun 08, 2012 at 02:15:27PM -0400, Milton Quinteros S. wrote:
>> Would you consider the possibility to subscribe to the Comodo Trusted
>> Software Vendor list
>> (http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign
>> every executable?
>> It would be so useful for Comodo Firewall users.
>> Best regards.
>>
>> Milton Quinteros Salas
> 1) Wrong mailing list.
>
> 2) Do you have any idea how many executables are in the release?  No.
Well, that part sounds like it could be automated.

Though I think such effort for one commercial product is not worth the
trouble.


-- 
VZ



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 294 bytes --]

Re: Trusted Software Vendor

[Christopher Faylor]

On Sat, Jun 09, 2012 at 01:04:37PM +0200, V?clav Zeman wrote:
>On 06/08/2012 08:46 PM, Christopher Faylor wrote:
>> On Fri, Jun 08, 2012 at 02:15:27PM -0400, Milton Quinteros S. wrote:
>>>Would you consider the possibility to subscribe to the Comodo Trusted
>>>Software Vendor list
>>>(http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign
>>>every executable?  It would be so useful for Comodo Firewall users.
>>>Best regards.
>>>
>>>Milton Quinteros Salas
>>1) Wrong mailing list.
>>
>>2) Do you have any idea how many executables are in the release?  No.
>
>Well, that part sounds like it could be automated.

I obviously know how to automate things.  I also know that the Cygwin
release doesn't all come from one place and package maintainers don't
use just one way to produce packages.  So, any automation would be
complicated.

You could theoretically push the burden onto cygwin.com itself but that
would be a big change to the way that we do things now and I'm really
not willing to burden cygwin.com with the cycles necessary to unpack
tarballs at cygwin.com to sign them.

cgf

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

RE: Trusted Software Vendor

[Buchbinder, Barry (NIH/NIAID) [E]]

I have setup.exe downloaded to /usr/local/bin (and renamed to
getcygwin.exe).  When I launch it by hand (but not by cmd /c start),
Windows tells me that the publisher could not be verified and asks
whether I want to run it.  This is a minor annoyance but it would be
nice if it could be addressed without expense or too much bother.

- Barry
  Disclaimer:  Statements made herein are not made on behalf of NIAID.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Earnie Boyd]

On Sun, Jun 10, 2012 at 1:51 PM, Buchbinder, Barry (NIH/NIAID) [E] wrote:
> I have setup.exe downloaded to /usr/local/bin (and renamed to
> getcygwin.exe).  When I launch it by hand (but not by cmd /c start),
> Windows tells me that the publisher could not be verified and asks
> whether I want to run it.  This is a minor annoyance but it would be
> nice if it could be addressed without expense or too much bother.

IIRC, you can turn that annoyance off in your system if you don't want
to be bothered by it.

-- 
Earnie
-- https://sites.google.com/site/earnieboyd

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Andrey Repin]

Greetings, Buchbinder, Barry (NIH/NIAID) [E]!

> I have setup.exe downloaded to /usr/local/bin (and renamed to
> getcygwin.exe).  When I launch it by hand (but not by cmd /c start),
> Windows tells me that the publisher could not be verified and asks
> whether I want to run it.

This is because of the file being downloaded from the web (check file streams
for details).
You can easily cleanup the file metadata by copying it to FAT drive (Flash
disk/memory card).

> This is a minor annoyance but it would be
> nice if it could be addressed without expense or too much bother.

I doubt it would be in foreseeable future.


--
WBR,
Andrey Repin (anrdaemon@freemail.ru) 11.06.2012, <18:00>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

RE: Trusted Software Vendor

[Buchbinder, Barry (NIH/NIAID) [E]]

Andrey Repin sent the following at Monday, June 11, 2012 10:03 AM
>This is because of the file being downloaded from the web (check file
>streams for details). You can easily cleanup the file metadata by
>copying it to FAT drive (Flash disk/memory card).

It worked!

For the record, I had to delete it from /usr/local/bin before copying
back from the from the memory stick; copying over the file was not
enough.

Thanks!

(And your English is fine.)

- Barry
  Disclaimer: Statements made herein are not made on behalf of NIAID.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Otto Meta]

> This is because of the file being downloaded from the web (check file streams

> for details).
> You can easily cleanup the file metadata by copying it to FAT drive (Flash
> disk/memory card).


The file stream with the "downloaded from the web" information can
easily be removed with the Stream tool without any copying:
http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx

You can probably make a simple context menu entry as well.

Otto

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Christopher Faylor]

On Mon, Jun 11, 2012 at 04:44:46PM +0200, Otto Meta wrote:
>> This is because of the file being downloaded from the web (check file streams
>
>> for details).
>> You can easily cleanup the file metadata by copying it to FAT drive (Flash
>> disk/memory card).
>
>
>The file stream with the "downloaded from the web" information can
>easily be removed with the Stream tool without any copying:
>http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx
>
>You can probably make a simple context menu entry as well.

Out of curiosity would downloading setup.exe using wget also work
around the problem?

cgf

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Otto Meta]

> Out of curiosity would downloading setup.exe using wget also work

> around the problem?


Most likely. I don't think wget cares about protecting Windows users
from their own stupidity. If you use wget, you should know what you're
doing.

How about you just give it a try?

Otto

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Christopher Faylor]

On Mon, Jun 11, 2012 at 04:51:07PM +0200, Otto Meta wrote:
>cgf wrote:
>> Out of curiosity would downloading setup.exe using wget also work
>>around the problem?
>
>Most likely.  I don't think wget cares about protecting Windows users
>from their own stupidity.  If you use wget, you should know what you're
>doing.
>
>How about you just give it a try?

Er, I don't have this problem.  I wasn't the one reporting it.

cgf

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Václav Zeman]

On 11 June 2012 16:55, Christopher Faylor wrote:
> On Mon, Jun 11, 2012 at 04:51:07PM +0200, Otto Meta wrote:
>>cgf wrote:
>>> Out of curiosity would downloading setup.exe using wget also work
>>>around the problem?
>>
>>Most likely.  I don't think wget cares about protecting Windows users
>>from their own stupidity.  If you use wget, you should know what you're
>>doing.
>>
>>How about you just give it a try?
>
> Er, I don't have this problem.  I wasn't the one reporting it.
Downloading setup.exe with wget has another problem. The downloaded
file is missing the +x bit, IIRC.

-- 
VZ

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

RE: Trusted Software Vendor

[Buchbinder, Barry (NIH/NIAID) [E]]

Christopher Faylor sent the following at Monday, June 11, 2012 10:56 AM
>On Mon, Jun 11, 2012 at 04:51:07PM +0200, Otto Meta wrote:
>>cgf wrote:
>>> Out of curiosity would downloading setup.exe using wget also work
>>>around the problem?
>>
>>Most likely.  I don't think wget cares about protecting Windows users
>>from their own stupidity.  If you use wget, you should know what you're
>>doing.
>>
>>How about you just give it a try?
>
>Er, I don't have this problem. I wasn't the one reporting it.

Since I reported it.

I used curl and didn't have the problem.

curl -R -o getcygwin.exe http://cygwin.com/setup.exe

Also, the x bit was set.

-rwxr-xr-x 1 705053 2012-04-29 02:27:44 getcygwin.exe

Two solutions!  Is this a great list or what!

Thanks to all.

- Barry
  Disclaimer: Statements made herein are not made on behalf of NIAID.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Warren Young]

On 6/9/2012 9:57 AM, Christopher Faylor wrote:
>
>and I'm really
> not willing to burden cygwin.com with the cycles necessary to unpack
> tarballs at cygwin.com to sign them.

Based on the traffic I see to cygwin-apps, my sense is that this would 
amount to single-digit CPU-minutes per day, once you get through the 
initial conversion.  That can be nice'd to the point that it takes a 
month; this doesn't have to be a Big Bang conversion.

I think a much bigger problem is getting a Linux toolchain set up on the 
main package repo server that can sign these executables.  My Google-fu 
says the GNU tools have no idea how to do this today.

Then someone has to spend at least a few hours writing and testing the 
script to do all this.  It might take a person-day.

Red Hat might not have to buy a code signing cert for this.  They might 
already have one that will work: http://goo.gl/5Hm3C

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Christopher Faylor]

On Tue, Jun 12, 2012 at 06:57:45AM -0600, Warren Young wrote:
>On 6/9/2012 9:57 AM, Christopher Faylor wrote:
>>and I'm really not willing to burden cygwin.com with the cycles
>>necessary to unpack tarballs at cygwin.com to sign them.
>
>Based on the traffic I see to cygwin-apps, my sense is that this would
>amount to single-digit CPU-minutes per day, once you get through the
>initial conversion.  That can be nice'd to the point that it takes a
>month; this doesn't have to be a Big Bang conversion.
>
>I think a much bigger problem is getting a Linux toolchain set up on
>the main package repo server that can sign these executables.  My
>Google-fu says the GNU tools have no idea how to do this today.
>
>Then someone has to spend at least a few hours writing and testing the
>script to do all this.  It might take a person-day.

If you are working under the misapprehension that I don't understand
what's required to get this to work, I can assure you that you're wrong.

>Red Hat might not have to buy a code signing cert for this.  They might 
>already have one that will work: http://goo.gl/5Hm3C

The Cygwin project is not Red Hat.  It wouldn't be "Red Hat" buying
anything.

cgf

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

RE: Trusted Software Vendor

[James Johnston]

> >Red Hat might not have to buy a code signing cert for this.  They might
> >already have one that will work: http://goo.gl/5Hm3C
> 
> The Cygwin project is not Red Hat.  It wouldn't be "Red Hat" buying
anything.

What is the Cygwin project then?  I honestly thought it was a Red Hat
project...  I.e. I've thought of it as a "Linux" distribution from Red Hat,
with Corinna Vinschen being a senior Red Hat engineer, according to your
FAQ.  Wikipedia says that you yourself used to work for Red Hat.  Bottom of
Cygwin.com:

"The Cygwin DLL and utilities are Copyright C <snip> 2012 Red Hat, Inc.
Other packages have other copyrights."

Also Wikipedia says that the project was started by Cygnus Solutions which
was then merged with Red Hat back in 2000.  It is logical to assume that if
the copyright is owned by Red Hat and some contributor(s) are Red Hat
employees, then the Cygwin project would have some level of access to Red
Hat resources.  If Cygwin isn't owned/run by Red Hat as you seem to
indicate, why do they seem to have their fingers in everything?


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Nick Lowe]

To me, the key question is:

Would Red Hat have an objection in principle to signing Cygwin and its
packages given the history and ties.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Earnie Boyd]

On Tue, Jun 12, 2012 at 10:46 AM, James Johnston wrote:
>  Wikipedia says that ...

Wikipedia isn't the keeper of the information relevant to Cygwin.  You
can only find the truth at cygwin.com.  Besides, companies do support
open source projects by providing man hours to it.  It doesn't mean
that the company providing those hours has any other right to it than
you or I do.  Cygwin is a separate entity from Red Hat.

-- 
Earnie
-- https://sites.google.com/site/earnieboyd

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Nick Lowe]

http://cygwin.com/

"The Cygwin DLL and utilities are Copyright © 2000, 2001, 2002, 2003,
2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc"

> Wikipedia isn't the keeper of the information relevant to Cygwin.  You
> can only find the truth at cygwin.com.  Besides, companies do support
> open source projects by providing man hours to it.  It doesn't mean
> that the company providing those hours has any other right to it than
> you or I do.  Cygwin is a separate entity from Red Hat.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Christopher Faylor]

On Tue, Jun 12, 2012 at 04:12:58PM +0100, Nick Lowe wrote:
>http://cygwin.com/
>
>"The Cygwin DLL and utilities are Copyright ? 2000, 2001, 2002, 2003,
>2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc"

The version of Cygwin supported at cygwin.com is a GPL-based free
software project.  Red Hat owns the code.

Corinna works for Red Hat and can represent Red Hat's interests in
the project but Red Hat does not run the project.  They have their
own release of Cygwin which is separate from the net release and
which, in many cases, is not released under the GPL.

Besides Corinna, AFAIK, there is one other active person on this project
who works for Red Hat.  Their Red Hat job does not involve working on
Cygwin.

sourceware.org, cygwin.com's home, is a system which was generously
donated by Red Hat.  It is maintained by three people, one of whom works
at Red Hat.  Like me, he maintains the site in his free time.

cgf

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Eric Blake]

[-- Attachment #1: Type: text/plain, Size: 1136 bytes --]

On 06/12/2012 09:12 AM, Nick Lowe wrote:
> http://cygwin.com/
> 
> "The Cygwin DLL and utilities are Copyright © 2000, 2001, 2002, 2003,
> 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc"

Yes, that's true for the cygwin1.dll.  But it's not all the executables
available from cygwin.com.  Even among the packages I help maintain (on
my own time, and not on Red Hat's time, I might add), ls.exe is
copyright FSF; diffstat.exe is copyright Thomas E. Dickey; git.exe is
copyright by many different individuals; etc., and none of these are
owned or run by Red Hat.  That is, Red Hat cannot make blanket
operations on executables, just because cygwin.com ships them, because
Red Hat is not the copyright holder on the majority of the binaries
bundled in the cygwin distribution, nor even the entity that compiled
the binaries in the first place.  Most of what you get from cygwin is
the effort of individual contributors, while only a few things like
cygwin1.dll are directly owned by Red Hat.

-- 
Eric Blake   eblake@redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 620 bytes --]

Re: Trusted Software Vendor

[Christopher Faylor]

On Tue, Jun 12, 2012 at 09:32:00AM -0600, Eric Blake wrote:
>On 06/12/2012 09:12 AM, Nick Lowe wrote:
>> http://cygwin.com/
>> 
>> "The Cygwin DLL and utilities are Copyright ? 2000, 2001, 2002, 2003,
>> 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc"
>
>Yes, that's true for the cygwin1.dll.  But it's not all the executables
>available from cygwin.com.  Even among the packages I help maintain (on
>my own time, and not on Red Hat's time, I might add), ls.exe is
>copyright FSF; diffstat.exe is copyright Thomas E. Dickey; git.exe is
>copyright by many different individuals; etc., and none of these are
>owned or run by Red Hat.  That is, Red Hat cannot make blanket
>operations on executables, just because cygwin.com ships them, because
>Red Hat is not the copyright holder on the majority of the binaries
>bundled in the cygwin distribution, nor even the entity that compiled
>the binaries in the first place.  Most of what you get from cygwin is
>the effort of individual contributors, while only a few things like
>cygwin1.dll are directly owned by Red Hat.

Thanks, Eric, for an important clarification.

cgf

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Roger K. Wells]

On 06/12/2012 11:10 AM, Earnie Boyd wrote:
> On Tue, Jun 12, 2012 at 10:46 AM, James Johnston wrote:
>>   Wikipedia says that ...
> Wikipedia isn't the keeper of the information relevant to Cygwin.  You
> can only find the truth at cygwin.com.  Besides, companies do support
> open source projects by providing man hours to it.  It doesn't mean
> that the company providing those hours has any other right to it than
> you or I do.  Cygwin is a separate entity from Red Hat.
What's this then?

http://www.redhat.com/software/cygwin/      a link on: http://cygwin.com/

If they are a separate entity this will certainly mislead some of us....

>


-- 
Roger Wells, P.E.
SAIC
221 Third St
Newport, RI 02840
401-847-4210 (voice)
401-849-1585 (fax)
roger.k.wells@saic.com


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[marco atzeri]

On 6/12/2012 7:08 PM, Roger K. Wells wrote:
> On 06/12/2012 11:10 AM, Earnie Boyd wrote:
>> On Tue, Jun 12, 2012 at 10:46 AM, James Johnston wrote:
>>>   Wikipedia says that ...
>> Wikipedia isn't the keeper of the information relevant to Cygwin.  You
>> can only find the truth at cygwin.com.  Besides, companies do support
>> open source projects by providing man hours to it.  It doesn't mean
>> that the company providing those hours has any other right to it than
>> you or I do.  Cygwin is a separate entity from Red Hat.
> What's this then?
>
> http://www.redhat.com/software/cygwin/      a link on: http://cygwin.com/
>
> If they are a separate entity this will certainly mislead some of us....
>

reporting all the sentence is more clear :
"For Cygwin licensing or commercial support, please visit the Red Hat 
Cygwin Product site."

On linux you can choose between Fedora and RHEL , here
you can choose between "Cygwin" and "Redhat Cygwin"

it is not so strange in the software world

Marco



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Expand stack in Cygwin

[Robert Lewis]

How does one increase the stack size of an application using Cygwin?  I have googled this and found suggestions such as adding

-W1,--stack,8000000

to make the stack 8 meg.  However, this doesn't work for me.  I include this as an option to gcc in my makefile and bash just reports an error message.

Robert H. Lewis
Fordham University

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Expand stack in Cygwin

[René Berber]

On 6/12/2012 4:43 PM, Robert Lewis wrote:

> How does one increase the stack size of an application using Cygwin?
> I have googled this and found suggestions such as adding
>
> -W1,--stack,8000000
----^
Wrong, change the "1" to the letter "l".

> to make the stack 8 meg.  However, this doesn't work for me.  I
> include this as an option to gcc in my makefile and bash just reports
> an error message.

That's probably something else.
-- 
René Berber


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Expand stack in Cygwin

[marco atzeri]

On 6/12/2012 11:43 PM, Robert Lewis wrote:

do not reply to a different thread to open a new thread.

> How does one increase the stack size of an application using Cygwin?  I have googled this and found suggestions such as adding
>
> -W1,--stack,8000000

-Wl not -W1 to pass the dato to the linker

http://cygwin.com/faq-nochunks.html#faq.programming.adjusting-heap

>
> to make the stack 8 meg.  However, this doesn't work for me.  I include this as an option to gcc in my makefile and bash just reports an error message.
>
> Robert H. Lewis
> Fordham University
>

Regards




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Expand stack in Cygwin

[Robert Lewis]

Thanks to all who wrote.  Yes, the problem was that it should be Wl, not W1.  (el not one)

That makes the compiler happy, and actually solves the odd crashing I was getting.

Robert H. Lewis
Fordham University
http://home.bway.net/lewis/

--- On Tue, 6/12/12, R Berber  wrote:

>
> Subject: Re: Expand stack in Cygwin
> Date: Tuesday, June 12, 2012, 6:03 PM
> On 6/12/2012 4:43 PM, Robert Lewis
> wrote:
> 
> > How does one increase the stack size of an application using Cygwin?
> > I have googled this and found suggestions such as adding
> >
> > -W1,--stack,8000000
> ----^

> Wrong, change the "1" to the letter "l".

> 
> > to make the stack 8 meg.  However, this doesn't
> work for me.  I
> > include this as an option to gcc in my makefile and
> bash just reports an error message.
> 
> That's probably something else.
> -- 
> R Berber
> 

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Andrey Repin]

Greetings, Vaclav Zeman!

>>>> Out of curiosity would downloading setup.exe using wget also work
>>>>around the problem?
>>>
>>>Most likely.  I don't think wget cares about protecting Windows users
>>>from their own stupidity.  If you use wget, you should know what you're
>>>doing.
>>>
>>>How about you just give it a try?
>>
>> Er, I don't have this problem.  I wasn't the one reporting it.
> Downloading setup.exe with wget has another problem. The downloaded
> file is missing the +x bit, IIRC.

It's irrelevant for setup.exe.


--
WBR,
Andrey Repin (anrdaemon@freemail.ru) 14.06.2012, <22:45>

Sorry for my terrible english...

Re: Trusted Software Vendor

[Corinna Vinschen]

On Jun 14 22:45, Andrey Repin wrote:
> Greetings, Vaclav Zeman!
> 
> >>>> Out of curiosity would downloading setup.exe using wget also work
> >>>>around the problem?
> >>>
> >>>Most likely.  I don't think wget cares about protecting Windows users
> >>>from their own stupidity.  If you use wget, you should know what you're
> >>>doing.
> >>>
> >>>How about you just give it a try?
> >>
> >> Er, I don't have this problem.  I wasn't the one reporting it.
> > Downloading setup.exe with wget has another problem. The downloaded
> > file is missing the +x bit, IIRC.
> 
> It's irrelevant for setup.exe.

It's not.  Try to start any executable on a NTFS filesystem.  Remove
the executable bits from all entries in the ACL.  Try again.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: Trusted Software Vendor

[Andrey Repin]

Greetings, Corinna Vinschen!

>> >>>> Out of curiosity would downloading setup.exe using wget also work
>> >>>>around the problem?
>> >>>
>> >>>Most likely.  I don't think wget cares about protecting Windows users
>> >>>from their own stupidity.  If you use wget, you should know what you're
>> >>>doing.
>> >>>
>> >>>How about you just give it a try?
>> >>
>> >> Er, I don't have this problem.  I wasn't the one reporting it.
>> > Downloading setup.exe with wget has another problem. The downloaded
>> > file is missing the +x bit, IIRC.
>> 
>> It's irrelevant for setup.exe.

> It's not.  Try to start any executable on a NTFS filesystem.  Remove
> the executable bits from all entries in the ACL.  Try again.

Sure that will cause issues, but read quote from the start.
If you download setup.exe using wget, it's unlikely you'll be unable to run
it.
You need to do some real tinkering first to prevent that.


--
WBR,
Andrey Repin (anrdaemon@freemail.ru) 19.06.2012, <04:24>

Sorry for my terrible english...

Re: Trusted Software Vendor

[Corinna Vinschen]

On Jun 19 04:25, Andrey Repin wrote:
> Greetings, Corinna Vinschen!
> 
> >> >>>> Out of curiosity would downloading setup.exe using wget also work
> >> >>>>around the problem?
> >> >>>
> >> >>>Most likely.  I don't think wget cares about protecting Windows users
> >> >>>from their own stupidity.  If you use wget, you should know what you're
> >> >>>doing.
> >> >>>
> >> >>>How about you just give it a try?
> >> >>
> >> >> Er, I don't have this problem.  I wasn't the one reporting it.
> >> > Downloading setup.exe with wget has another problem. The downloaded
> >> > file is missing the +x bit, IIRC.
> >> 
> >> It's irrelevant for setup.exe.
> 
> > It's not.  Try to start any executable on a NTFS filesystem.  Remove
> > the executable bits from all entries in the ACL.  Try again.
> 
> Sure that will cause issues, but read quote from the start.
> If you download setup.exe using wget, it's unlikely you'll be unable to run
> it.
> You need to do some real tinkering first to prevent that.

I was solely referring to the common misconception that the execute bit
has no meaning for Windows excecutables.  Some people even think the
execute bit is just faked by Cygwin(*).  I can't let this go without
commenting on it.


Corinna


(*) which it is, but only on filesystems which don't support permissions
    at all, like FAT/FAT32.

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Trusted Software Vendor

[R P Herrold]

On Fri, 8 Jun 2012, Milton Quinteros S. wrote:

> Would you consider the possibility to subscribe to the Comodo Trusted
> Software Vendor list
> (http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign
> every executable?

> I don't know how much is the certificate but I'm sure there is a lot of
> people like me to make donations.

off the link: Comodo Code Signing Certificates // Comodo CA 
offers Code Signing certificates at the lowest 
prices around.

http://www.instantssl.com/code-signing/index.html

a bit under $100 a year

But, clearly not the 'lowest price' ... https://startssl.com/ 
issues such to people with their Class II validation for less

I assume there is some reason this is not presently done

-- Russ herrold

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Trusted Software Vendor

[Milton Quinteros S.]

Would you consider the possibility to subscribe to the Comodo Trusted
Software Vendor list
(http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign
every executable?
It would be so useful for Comodo Firewall users like me and other vendor
list based firewalls to trust in applications.
So, in Comodo - Computer Security Policy - Trusted Software Vendors - Read
from a signed executable, would be so easy to add Cygwin as a trusted
software vendor and avoid to make a rule for every executable.
I don't know how much is the certificate but I'm sure there is a lot of
people like me to make donations.
Best regards.

Milton Quinteros


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple