Hi!

Wednesday, 05 December, 2001 Seth Delackner [EMAIL PROTECTED] wrote:

SD> Way back in January, in message
SD> http://www.cygwin.com/ml/cygwin/2001-01/msg00063.html
SD> I think Egor Duda, but perhaps David Peterson wrote
SD> that the socket implementation in cygwin allowed an
SD> attacker to simply send an RSA auth request to a
SD> specific port on your machine and presto, he would
SD> receive your private key.

first, the message you've referenced is a bit incorrect: AF_UNIX sockets in cygwin can be connected from localhost _only_. that is, exploits are possible only from users that are logged in locally.

second, AF_UNIX sockets have recently been augmented with "secret cookies" code which is supposed to prevent attacks from unauthorized local users. see cygwin-developers@ archive for details.

SD> I really don't want to have to set up a port-blocking
SD> firewall just to prevent this, especially considering
SD> that ZoneAlarm is doing a fine job with application-
SD> specific blocking (and I have no other services running
SD> that outsiders could abuse).

firewalling from external hosts is not (and actually was not) necessary wrt AF_UNIX sockets.

I'd like to stress again that cygwin is still insecure and can be exploited by users locally logged on, but there are no known remote exploits. If anyone knows about the ways to exploit cygwin remotely, _please_ report them to the cygwin-developers mailing list.

Egor. mailto:[EMAIL PROTECTED] ICQ 5165414 FidoNet 2:5020/496.19
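The two protections named in the reply above (loopback-only binding and a "secret cookie" check), as an added sketch that is not part of the original message and is not Cygwin's code. It assumes the cookie is a random value published next to the port number in a file only its owner can read; all function names and the file layout are hypothetical.

```python
import hmac, os, secrets, socket, threading

COOKIE_LEN = 16  # bytes; size chosen for this sketch

def recv_exact(conn, n):
    """Read exactly n bytes, or fewer if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf

def start_server(sock_file):
    """Listen on loopback only; publish port and cookie in a 0600 file."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # loopback only, so no remote host can connect
    srv.listen(5)
    cookie = secrets.token_bytes(COOKIE_LEN)
    # The file stands in for the AF_UNIX path; its permissions decide
    # which local users can learn the cookie.
    fd = os.open(sock_file, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(f"{srv.getsockname()[1]} {cookie.hex()}")

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listener was closed
            with conn:
                conn.settimeout(2)
                try:
                    ok = hmac.compare_digest(recv_exact(conn, COOKIE_LEN), cookie)
                    conn.sendall(b"OK" if ok else b"NO")
                except OSError:
                    pass  # timed-out or reset peer: drop it

    threading.Thread(target=serve, daemon=True).start()
    return srv

def read_socket_file(sock_file):
    with open(sock_file) as f:
        port, cookie_hex = f.read().split()
    return int(port), bytes.fromhex(cookie_hex)

def try_connect(port, cookie):
    """Return True only if the server accepted the presented cookie."""
    with socket.create_connection(("127.0.0.1", port), timeout=2) as c:
        c.sendall(cookie)
        return recv_exact(c, 2) == b"OK"
```

A local user who finds the port but cannot read the file is refused at the cookie check, so the protection is only as strong as the permissions on that file.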