Re: Safety of ssh-agent re: fake unix sockets?

[egor duda <deo at logos-m dot ru>]

Hi!

Wednesday, 05 December, 2001 Seth Delackner seth@jtan.com wrote:

SD> Way back in January, in message
SD> http://www.cygwin.com/ml/cygwin/2001-01/msg00063.html

SD> I think Egor Duda, but perhaps David Peterson wrote
SD> that the socket implementation in cygwin allowed an
SD> attacker to simply send an RSA auth request to a
SD> specific port on your machine and presto, he would
SD> receive your private key.

first, the message you've referenced is a bit incorrect: AF_UNIX
sockets in cygwin can be connected from localhost _only_.
that is, exploits are possible only from users that are logged in
locally.

second, AF_UNIX sockets have recently been augmented with "secret
cookies" code which is supposed to prevent attacks from unauthorized
local users. see cygwin-developers@ archive for details.

SD> I really don't want to have to setup a port-blocking
SD> firewall just to prevent this, especially considering
SD> that ZoneAlarm is doing a fine job with application-
SD> specific blocking (and I have no other services running
SD> that outsiders could abuse).

firewalling from external hosts is not (and actually was not)
necessary wrt AF_UNIX sockets.

I'd like to stress again that cygwin is still insecure and can be
exploited by users locally logged on, but there's no known remote
exploits. If anyone knows about the ways to exploit cygwin remotely,
_please_ report them to cygwin-developers mailing list.

Egor.            mailto:deo@logos-m.ru ICQ 5165414 FidoNet 2:5020/496.19


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/