Mail Archives: cygwin/2012/02/27/21:54:07

www.delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2012/02/27/21:54:07

X-Recipient: archive-cygwin AT delorie DOT com

X-SWARE-Spam-Status: No, hits=-1.9 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE

X-Spam-Check-By: sourceware.org

Message-ID: <4F4C41B5.7040804@acm.org>

Date: Mon, 27 Feb 2012 18:53:41 -0800

From: David Rothenberger <daveroth AT acm DOT org>

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2

MIME-Version: 1.0

To: cygwin AT cygwin DOT com

Subject: Re: BLODA detection code in latest snapshot

References: <20120227122614 DOT GB31025 AT calimero DOT vinschen DOT de>

In-Reply-To: <20120227122614.GB31025@calimero.vinschen.de>

X-IsSubscribed: yes

Reply-To: cygwin AT cygwin DOT com

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

On 2/27/2012 4:26 AM, Corinna Vinschen wrote:
>   Of course this is not foolproof.  The only filtered system DLLs so
>   far are kernel32.dll, ntdll.dll, mswsock.dll, amd ws2_32.dll.  If you
>   playing around with this, and if you find that a core system DLL is
>   reported (like, say, advapi32.dll), then please notify this list, too.

On one of my Windows XP 32 boxes, it is reporting

Potential BLODA detected!  Thread function called outside of Cygwin DLL:
  C:\WINDOWS\system32\advapi32.dll

when I ssh to another host. The machine DOES have potential BLODA,
though: Symantec Endpoint Protection. It's never caused me any problems.

You did say above to report to the list if advapi32.dll is reported, and
you didn't say not to report it if there is helpful anti-workright
software on the machine, so, here's your report. Forgive me if I
misunderstood.

-- 
David Rothenberger  ----  daveroth AT acm DOT org

Small things make base men proud.
                -- William Shakespeare, "Henry VI"

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=-1.9 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE
X-Spam-Check-By:	sourceware.org
Message-ID:	<4F4C41B5.7040804@acm.org>
Date:	Mon, 27 Feb 2012 18:53:41 -0800
From:	David Rothenberger <daveroth AT acm DOT org>
User-Agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version:	1.0
To:	cygwin AT cygwin DOT com
Subject:	Re: BLODA detection code in latest snapshot
References:	<20120227122614 DOT GB31025 AT calimero DOT vinschen DOT de>
In-Reply-To:	<20120227122614.GB31025@calimero.vinschen.de>
X-IsSubscribed:	yes
Reply-To:	cygwin AT cygwin DOT com
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com