X-Recipient: archive-cygwin@delorie.com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org DC8513858289
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1671709556;
	bh=dbs7bPdT3qKm9mimaju2JXRF57OdmJPmfoaLQcvdn1E=;
	h=Date:To:Cc:Subject:In-Reply-To:References:List-Id:
	 List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:
	 From:Reply-To:From;
	b=jW1jba+Yb7wdOU3RS/njqE4rMmZJIZr8LIPKYrcE6FBN5hqBpq+Npk+exHy3au0lD
	 whoG9ZJjXgheW28YtdAtYgENYTp6WIVmete1qdBv/wgFj45UyH5OAidu2sKfMRzoBQ
	 +nOxxZSioXKaA4+n7u4VvPiatVJKFFRwB/v6m5iI=
X-Original-To: cygwin@cygwin.com
Delivered-To: cygwin@cygwin.com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 3B3063858D1E
DKIM-Filter: OpenDKIM Filter v2.10.3 conssluserg-05.nifty.com 2BMBj0UD027933
X-Nifty-SrcIP: [220.150.135.41]
Date: Thu, 22 Dec 2022 20:45:00 +0900
To: cygwin@cygwin.com
Cc: Christopher Ng <facboy@gmail.com>
Subject: Re: Windows file security
Message-Id: <20221222204500.5eb10d63b00bea87d1769b34@nifty.ne.jp>
In-Reply-To: <CAN5wt5pwK=6rkxZiZbku_50LAa20eHfVrQsgsb8WE4JbS7tJfw@mail.gmail.com>
References: <CAN5wt5pwK=6rkxZiZbku_50LAa20eHfVrQsgsb8WE4JbS7tJfw@mail.gmail.com>
X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.30; i686-pc-mingw32)
Mime-Version: 1.0
X-Spam-Status: No, score=-5.2 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, NICE_REPLY_A, RCVD_IN_DNSWL_NONE,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: cygwin@cygwin.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
From: Takashi Yano via Cygwin <cygwin@cygwin.com>
Reply-To: Takashi Yano <takashi.yano@nifty.ne.jp>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cygwin-bounces+archive-cygwin=delorie.com@cygwin.com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie.com@cygwin.com>

On Thu, 22 Dec 2022 11:26:08 +0000
Christopher Ng wrote:
> hi,
> 
> is it possible to secure the files of the cygwin installation?  i
> notice that at the 'regular' cygwin prompt i can write to any
> directory, and modify anything.  isn't this somewhat insecure if eg
> i'm running cygwin as an ssh server, but any process running as me can
> go and modify sshd?
> 
> how does one make files non-writable by normal users?

1) Remove Administrators rights from normal users.
2) Enable Administrator account.
3) Install cygwin using Administrator account.

Then the cygwin system files will not be writable
by normal users.

-- 
Takashi Yano <takashi.yano@nifty.ne.jp>

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple