Igor, Thanks for this info. The only Cygwin executables being installed will be those to support OpenSSH on that machine e.g. ssh-keygen,scp,sftp etc. I still do not have a clear understanding of how a user could "hijack" a cygwin process running as system account,effectively bypassing system security. Any info. would be most appreciated. Thanks.
> Best Regards > Jim > _______________________________________________ > BTcd Computing Partners > Intelligent Systems Management -----Original Message----- From: Igor Pechtchanski [mailto:[EMAIL PROTECTED]] Sent: 24 January 2003 16:36 To: Davidson,JA,Jim,YES82 R Cc: [EMAIL PROTECTED] Subject: Re: cygwin1.dll On Fri, 24 Jan 2003 [EMAIL PROTECTED] wrote: > Sirs, > We are proposing to use the Red Hat OpenSSH package on our NT/W2K servers > but some concerns > have been raised re. the Cygwin1.dll shared memory vulnerability. > As the only Cygwin application running on these machines will be OpenSSH I > am not sure how > significant a risk may exist. > Can you please explain how this vulnerabilty could be exploited so that we > can determine > what if any counter measures we could deploy. > Thanks. Jim, I'd like to correct one misconception in your message. You said that OpenSSH (I assume you mean sshd) will be "the only Cygwin application running on these machines". However, any time a user logs on, sshd will spawn a shell, and that will spawn whatever other applications the user runs. Some of them will most certainly be Cygwin applications. Igor -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_ [EMAIL PROTECTED] ZZZzz /,`.-'`' -. ;-;;,_ [EMAIL PROTECTED] |,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! Oh, boy, virtual memory! Now I'm gonna make myself a really *big* RAMdisk! -- /usr/games/fortune -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
