| www.delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-0.8 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,T_RP_MATCHES_RCVD |
| X-Spam-Check-By: | sourceware.org |
| Message-ID: | <20100808125129.sfrtttc6oswkw4c4@webmail.bangor.ac.uk> |
| Date: | Sun, 08 Aug 2010 12:51:29 +0100 |
| From: | cbsa01 AT bangor DOT ac DOT uk |
| To: | moss AT cs DOT umass DOT edu |
| Cc: | llio AT testun DOT co DOT uk, cygwin AT cygwin DOT com |
| Subject: | Re: Moses with Cygwin on Windows 7 |
| References: | <009b01cb3572$08902780$19b07680$@co.uk> <4C5C1C67 DOT 8060508 AT cs DOT umass DOT edu> <20100807222339 DOT gwq7fz62o04g8w8s AT webmail DOT bangor DOT ac DOT uk> <4C5DED62 DOT 6030606 AT cs DOT umass DOT edu> |
| In-Reply-To: | <4C5DED62.6030606@cs.umass.edu> |
| MIME-Version: | 1.0 |
| User-Agent: | Internet Messaging Program (IMP) H3 (4.1.3) |
| X-BU-User: | cbsa01 |
| X-BU-MailScanner: | Found to be clean, Found to be clean |
| X-BU-MailScanner-SpamCheck: | nid sbam/not spam (goddefadwy/whitelisted), nid sbam/not spam (goddefadwy/whitelisted), SpamAssassin (not cached, sgor/score=0.826, yn ofynnol/required 4.5, autolearn=disabled, MAILTO_TO_SPAM_ADDR 0.28, NO_REAL_NAME 0.55) |
| X-BU-MailScanner-Information: | Please contact the ISP for more information |
| X-MailScanner-ID: | o78BpbcA014278 |
| X-BU-MailScanner-From: | cbsa01 AT bangor DOT ac DOT uk |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
Dear Eliot, your script does indeed sound much better. Is it available to share?=20=20= =20 Many thanks for sharing your insights in any case. Best regards, Llio Humphreys Quoting Eliot Moss <moss AT cs DOT umass DOT edu>: > On 8/7/2010 5:23 PM, cbsa01 AT bangor DOT ac DOT uk wrote: > >> many thanks for your reply. On why we need cygwin: the language=20=20=20 >> model we use is IRSTLM. The native >> windows build of Moses does not currently use IRSTLM LMs. > > I know next to nothing about Moses, so I'll just trust you on this one! > >> I have been reading up a bit about debasing DLLs, and I gather from >> http://www.codeproject.com/KB/DLL/RebaseDll.aspx that the purpose=20=20= =20 >> is to avoid either two or more >> DLLs using the same preferred base addresses, or the overheads of=20=20= =20 >> relocation. However, on >> http://social.msdn.microsoft.com/Forums/en-US/vcgeneral/thread/bac7e300-= f3df-4087-9c4b-847880d625ad, >> it is suggested that from Vista onwards, it is better to leave this=20= =20 >> to the operating systems's ASLR >> (Address space layout randomization) in order to help defeat a=20=20=20 >> ?return-to-libc? attack. Do you agree >> with this? If it is still necessary to do a rebase, what does your=20=20= =20 >> script do that rebaseall doesn't? > > The problem is that the address space randomization interferes with how > cygwin support fork(). Suppose a parent process maps library A at > address X, but does not map library B at all. Then suppose a forked > process is not yet using library A, and ends up mapping library B > at an address that overlaps X. Then the child reaches a point where > it needs to use library A. The implementation of cygwin requires > that if a parent and child use the same library, it must be at the > same address. Therefore the child's mapping attempt will block. > That gives a sense of the scenario. That may not be the exact > case, but it's like that. Basically, we need to guarantee that all > cygwin dlls map to different preferred places. > > Yes, this defeats the OS attempt to defeat a security attack. > > My script finds and rebases every dll file that cygwin 'find' can > locate, while rebaseall only does certain directories. For me, > the difference lies in (at least) some perl-related dlls that are > not where rebaseall looks. > > Another important thing is that the distance between preferred > locations needs to be a little bigger than the default for rebase, > on Vista (and Windows 7). This is an obscure thing that Corinna > found a while back and took me quite a while to locate in old > email threads, but before I set that parameter, rebasing did not > work right for me and after adding that it did. Maybe they have > changed the default by now, but I don't think so. > >> Re UAC prompts: this does look annoying but corporate security=20=20=20 >> regulations may prevent us from >> turning it off completely. Is there some way to turn it off for=20=20=20 >> individual programs without using >> third-party software? > > That lies outside my expertise. I just turned it off. > > Best wishes -- Eliot Moss ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |