On Tue, Dec 31, 2002 at 03:26:39PM +1100, [EMAIL PROTECTED] wrote: >our company is looking at using Cygwin on our NT/2000 servers. However >our security review team has expressed doubts over the fact that Cygwin >is said to be insecure in a multi user environment. I was just >wondering what experienced Cygwin users think about this issue and if >it is an issue that is likely to be resolved or if there is a work >around to 'secure' Cygwin in a multi user environment.
Your security review team has every right to be concerned. Cygwin should not be used in a secure multiuser environment. I'd go so far as to suggest that unless you are interested in growing some kind of experts in-house in any free software package that you use, you'd be better off ensuring that whatever you decide upon is fully supported by a commercial entity. If you are really interested in security then downloading a package from a web site for free doesn't seem like the best plan to me unless you have the expertise to maintain the software yourself. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
