-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to C-Programmer on 12/3/2008 6:29 PM:
> char name[25];
> gets( name );
PS. This is a _disaster_ waiting to happen. You just coded a buffer
overflow exploit, where someone can supply a name with more than 25 bytes,
and in so doing, overw
Eric Blake wrote on Thursday, December 04, 2008 1:42 AM::
> According to C-Programmer on 12/3/2008 6:29 PM:
>> But if I compile using the following command line argument:
>> $ gcc -mno-cygwin -o ioProg1 ioProg1.c
>
> Then you are no longer using cygwin, and this is almost more of a
> question for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to C-Programmer on 12/3/2008 6:29 PM:
> But if I compile using the following command line argument:
> $ gcc -mno-cygwin -o ioProg1 ioProg1.c
Then you are no longer using cygwin, and this is almost more of a question
for the mingw list.
> I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Gustavo Seabra on 12/3/2008 7:38 AM:
> 1. Is is safe to remove the old gcc (3.*) packages and replace them by
> symlinks to the new gcc4 executables?
Read the archives. Dave has mentioned that he is planning on a future
packaging of the
Hello,
Here's the source:
#include
int main(){
/* local variable */
char name[25];
printf("What is your name?\n");
gets( name );
printf("Hello, %s!\n",name);
}
If I compile using the following command line argument:
$ gcc -o ioProg1 ioProg1.c
I check to see which DLL it's using wh
TheO wrote:
Larry Hall wrote:
No, you cannot hide it. It is created by Cygwin itself as a convenience
to access the virtual 'cygdrive' directory. This is one of a number of
virtual directories ('/proc' and '/dev' come to mind) that Cygwin supports.
See the description of "Special filenames" in
Peter A. Castro wrote in
> An updated version of zsh (zsh-4.3.9-1) has been released and should be
> at a mirror near you real soon. This is an upstream release.
Thanks Peter.
I just needed to do a rebaseall
gvim /usr/share/doc/Cygwin/rebase*.readme
--
zzapper
http://www.successtheory.com
New News:
===
I have updated the version of Python to 2.5.2-1. The tarballs should be
available on a Cygwin mirror near you shortly.
The following are the only notable changes since the previous release:
o upgrade to Python 2.5.2
o include pre-built sqlite3 module
o include patc
> > And what about Brian's other point - if sshd has a security bug like a
> > buffer overrun (shudder, but possible - look at how often openssh has
> been
> > updated over the years to fix security holes as soon as someone
> identifies
> > one)
>
> Such hole would affect all OpenSSH implementati
>
> And what about Brian's other point - if sshd has a security bug like a
> buffer overrun (shudder, but possible - look at how often openssh has been
> updated over the years to fix security holes as soon as someone identifies
> one)
>
Such hole would affect all OpenSSH implementation. Even th
>
> Don't forget the other variants, like
>
> \\.\c:\foo\bar
> \\./c:/foo/bar
> \??\c:\foo\bar
> \??/c:\foo\bar
> \??/c:/foo/bar
>
I will try different variants definitely. Unfortunately I can only give the
feedback tomorrow as I am away from the office now.
Thanks for your input.
-
Hi All,
I recently made a fresh new Cygwin installation. I asked for the full
installation of the "devel" category to be installed, which resulted
in both gcc and gcc4 to be installed. (BTW, great work with gcc4
package, thanks a lot!!!)
I wonder:
1. Is is safe to remove the old gcc (3.*) packag
Eric Blake wrote:
> That's with /. What about with \? The cygwin dll sometimes treats the
> two separators differently, where using \ is more likely to bypass cygwin
> checks.
Don't forget the other variants, like
\\.\c:\foo\bar
\\./c:/foo/bar
\??\c:\foo\bar
\??/c:\foo\bar
\??/c:/foo/bar
Bria
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to TheO on 12/3/2008 6:29 AM:
>> No, we mean "get c:/dir/file" or "get c:\dir\file". (or "put
>> //hostname/share/file", shudder.)
>>
>
> This is what I get:
>
> sftp> cd C:/
> Couldn't canonicalise: No such file or directory
That'
>
> This is what I get:
>
> sftp> cd C:/
> Couldn't canonicalise: No such file or directory
>
> sftp> get C:/foo
> Couldn't stat remote file: No such file or directory
> File "/home/Administrator/C:/foo" not found.
>
More to come:
sftp> cd /cygdrive
sftp> ls -al
>
> No, we mean "get c:/dir/file" or "get c:\dir\file". (or "put
> //hostname/share/file", shudder.)
>
This is what I get:
sftp> cd C:/
Couldn't canonicalise: No such file or directory
sftp> get C:/foo
Couldn't stat remote file: No such file or directory
File "/home/Adminis
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to TheO on 12/3/2008 5:57 AM:
> And if I understand correctly, one of the possible way for user to bypass
> check
> by Cygwin is to use Win32 reserved file names.
>
> identifying what filenames are reserved by Win32, this is what I've got
TheO wrote:
> identifying what filenames are reserved by Win32, this is what I've got
> (please
> complete it if I am missing something):
No, we mean "get c:/dir/file" or "get c:\dir\file". (or "put
//hostname/share/file", shudder.)
Brian
--
Unsubscribe info: http://cygwin.com/ml/#unsubsc
>
> This is not valid reasoning, as Eric Blake already pointed out you can
> still access files outside of a chroot even if you're still going
> through the Cygwin DLL by using Win32 style pathnames since Cygwin
> passes those through untouched. Whether or not you can trick the sftp
> code into l
On Dec 3 04:29, Brian Dessent wrote:
> John Emmas wrote:
>
> > Forgive me - but as someone who's very new to socket programming, I'm
> > confused about why the program worked when I built it under Linux. Is it
> > because something would have converted "localhost" to an IP address (is this
> > t
John Emmas wrote:
> Forgive me - but as someone who's very new to socket programming, I'm
> confused about why the program worked when I built it under Linux. Is it
> because something would have converted "localhost" to an IP address (is this
> the lookup stuff that you referred to?) and where c
Hello Julia,
* On Wed, Dec 03, 2008 at 11:38:20AM + Julio Emanuel wrote:
> On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <[EMAIL PROTECTED]> wrote:
> > This is not valid reasoning, as Eric Blake already pointed out you can
> > still access files outside of a chroot even if you're still going
Julio Emanuel wrote:
> Aha! So this is the tiny bit that was missing! What you are saying is
> that the Cygwin DLL does not honor the chroot if the path is in WIN32
> format? But why is that? It shouldn't honor the chroot all the time?
> I mean, this sounds like the "right thing to do"(tm), if Cyg
John Emmas wrote:
confused about why the program worked when I built it under Linux.
As Brian said, glibc's inet_pton() is apparently doing something beyond
what the standard requires. Cygwin doesn't use glibc, it uses a
different standard C library called newlib.
--
Unsubscribe info:
On Dec 3 11:38, Julio Emanuel wrote:
> On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <[EMAIL PROTECTED]> wrote:
> > Julio Emanuel wrote:
> >
> >> 4) Only commands compiled for Cygwin, AND accessing the file system
> >> exclusively through the Cygwin POSIX interfaces can (and will) obey
> >> the c
- Original Message -
From: "Brian Dessent"
Subject: Re: Socket programming with Cygwin
The call fails because addr is junk, because the demo passed "localhost"
to inet_pton. According to the docs, this function only takes IP
addresses. If you change simple_client_main.cpp to use an IP
On Wed, Dec 3, 2008 at 11:01 AM, Brian Dessent <[EMAIL PROTECTED]> wrote:
> Julio Emanuel wrote:
>
>> 4) Only commands compiled for Cygwin, AND accessing the file system
>> exclusively through the Cygwin POSIX interfaces can (and will) obey
>> the chroot settings;
>
> This is not valid reasoning, a
Julio Emanuel wrote:
> 4) Only commands compiled for Cygwin, AND accessing the file system
> exclusively through the Cygwin POSIX interfaces can (and will) obey
> the chroot settings;
This is not valid reasoning, as Eric Blake already pointed out you can
still access files outside of a chroot eve
John Emmas wrote:
> In every case, the programs fail when the client attempts to connect to the
> server. This would be a typical line:-
>
> status = ::connect ( m_sock, ( sockaddr * ) &addr, sizeof ( addr ) );
>
> 'status' receives -1 and if I check the error it's invariably something like
> "
Hi, all Cygwinners!
I've been following this thread with most interest, because I've been
thinking in setting up some kind of chroot'ed SFTP environment
myself.
The tone of the answers are, however, consistent with what I've
already saw in similar threads in the last months. Yet, I still
consider
Hi guys,
For the past few weeks I've been struggling to compile a program that uses
sockets. Actually, the program compiles and builds okay but the client can
never connect to the server.
This morning I found this simple example that implements client/server
socket comms in just a few modules (
On Wed, Dec 3, 2008 at 2:43 AM, Albert van der Velde wrote:
> I followed this discussion, but does an ftp server exist with a
> possibility to lock a user in its home directory preventing him to get
> out of this "jail".
Are you sure you were understanding this conversation? It was about
SFTP, no
32 matches
Mail list logo
