Actually, Reini, I didn't say that I didn't know what a daemon was, I said that I didn't know how to find out which ones were running (without additional research, which, has thus far been fruitless). If I type ps -fA on my linux box at home, I get a list of all the running processes, even when I am not logged in as root. When I type ps -fA in cygwin, I do not get a complete list -- just my shell and the ps command. Of course this brings up the question of who, exactly is root under cygwin, but a check of /etc/passwd seems to indicate that there isn't one. I gather that if SYSTEM or Administrators wanted to take on the role, they'd be able to do it.
As far as I can see from what you wrote, the real issue is that windows is unsafe. I don't use Explorer, and if there is an intruder on my machine, I already have a problem, independent of what they can do using cygwin services. The question is whether someone can use cygwin to intrude. I guess I don't see why anyone would install cygwin rather than linux unless they were stuck in a networked windows environment as I am, so I would assume that it would be designed to work reasonably in such an environment. Only I and computer services have accounts on the machine. I have to trust computer services, and if they screw up, they can't blame me, so the only issue here is what I personally have to do to make sure I do not introduce extra security risks into the system. (Wish the documentation addressed XP Pro rather than just NT.) > -----Original Message----- > From: Reini Urban [mailto:[EMAIL PROTECTED] > Sent: Monday, September 20, 2004 12:13 PM > To: Koskie, Sarah > Cc: Cygwin List > Subject: Re: security and cygwin > > Koskie, Sarah schrieb: > >>>Are there any other security related issues I should know about? I > >>>have to assume that cygwin as installed is safe until I have time to > look > >>>into it, so I am hoping that my faith is not misplaced. > >> > >>See the FAQ entry: > >> > >>How secure is Cygwin in a multi-user environment? > >><http://cygwin.com/faq/faq_toc.html#TOC78> > > > > Thanks, but that does not answer my question. I do not know what > > daemons are running. > > It does answer it. > If you don't know this, you are completely unsafe. > > > I did not start any. I assume some are started in > > the installation process but I don't know how to find out which they > > are. I just searched the FAQs for any other mention of "daemon" and > > found none. I have also checked the User's guide but it does not seem > > to contain any relevant info that I can see. There should never be any > > users logged in remotely to my cygwin and if there is something I have > > to do to enforce that, that's part of what I want to know. I should > > also be the only one using sftp, ssh, etc. With the previous version of > > cygwin, I was able to sftp and ssh from cygwin to other machines but not > > from other machines to my desktop computer. I hope that is still the > > case. I'll check it eventually, but as mentioned, I have a > > more-than-full time job as other than an UNIX programmer or system > > administrator and I cannot just stop and spend a month setting up > > cygwin. In the past I didn't have to. The lack of relevant > > documentation and the complexity of the current setup and install > > process are extremely frustrating. > > Trust the FAQ: It's unsafe. > Esp. when you don't know what a daemon is. Just believe it. > > A daemon is a long-running "satanic" background process. > See your Task Manager on the Process Tab. > > One of the daemons you don't see is for example called "Explorer" (the > windows desktop). This is one of the worst security holes on windows, > regardless of cygwin. > > sftp, sshd, cygserver, cron and all other cygwin services are also > daemons, which share global data via cygwin1.dll. If you are running > them as user, a possible intruder can gain permissions of this user. > If you run cygwin programs as service the intruder might gain > permissions of the SYSTEM user. > -- > Reini Urban > -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
