[prev in list] [next in list] [prev in thread] [next in thread]
List: cygwin
Subject: Re: cygwin dll security
From: Christopher Faylor <cgf () redhat ! com>
Date: 2002-12-31 4:34:52
[Download RAW message or body]
On Tue, Dec 31, 2002 at 03:26:39PM +1100, Adam.Cioccarelli@ubsw.com wrote:
>our company is looking at using Cygwin on our NT/2000 servers. However
>our security review team has expressed doubts over the fact that Cygwin
>is said to be insecure in a multi user environment. I was just
>wondering what experienced Cygwin users think about this issue and if
>it is an issue that is likely to be resolved or if there is a work
>around to 'secure' Cygwin in a multi user environment.
Your security review team has every right to be concerned. Cygwin
should not be used in a secure multiuser environment. I'd go so far as
to suggest that unless you are interested in growing some kind of
experts in-house in any free software package that you use, you'd be
better off ensuring that whatever you decide upon is fully supported by
a commercial entity.
If you are really interested in security then downloading a package
from a web site for free doesn't seem like the best plan to me unless
you have the expertise to maintain the software yourself.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic