You wrote in <01fd01c1ebba$23197580$0d76aec7@D4LHBR01> in gmane.os.cygwin on Wed, 24 Apr 2002 11:01:56 -0700:
> In the company I work for they have outlawed all Unix > variants (Linux, Solaris, OSX) from certain networks. I > asked why Cygwin could not be installed and here is > some of the response I got back: > > Cygwin, in itself, is typically a harmless application. > > However, once installed, it does allow a user to invalidate > > the NT Security architecture; a user can then install cygwin > > ports without the NT administrators consent (including, of > > course, the cygwin DHCP port). > How should I respond to this? Cygwin1.dll and Cygwin applications makes calls to the OS API via kernel32.dll and the other system DLLs just like any other Windows application does. There's nothing they can do when run via a specific user account that any other Windows program couldn't do running from that same account. The shared memory used by cygwin1.dll is not protected so a malicious or buggy process in one context could crash a Cygwin process running in another by corrupting this data. But if you avoid installing any Cygwin programs as NT services then they'll all be running interactively in the context of the current user so they can't do anything that can't be done anyway. -- Sam Edge -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
