X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
From: "Dave Korn" <dave DOT korn AT artimi DOT com>
To: <cygwin AT cygwin DOT com>
References: <48C4B480 DOT 5030003 AT sellers DOT com>
Subject: RE: Why is regedit referenced?
Date: Mon, 8 Sep 2008 10:30:06 +0100
Message-ID: <021001c91195$7bdead40$9601a8c0@CAM.ARTIMI.COM>
MIME-Version: 1.0
Content-Type: text/plain; 	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
In-Reply-To: <48C4B480.5030003@sellers.com>
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

John Sellers wrote on 08 September 2008 06:14:

> When I run Cygwin on my WindowsXP machine, my firewall informs me of
> regedit activity, searching, and text manipulation.  I have not located
> the source of this activity.
> 
> The install is a clean one without any significant Internet activity
> that might lead to any third-party detection or downloads to my machine.
> 
> Is this behavior expected or have I picked up something nasty from setup?


  Your firewall is most likely being hypersensitive.  It must have some kind
of antispy/malware "behaviour-blocking" feature, that regards all those things
as suspicious, but they're all pretty normal activities as far as I can infer
from the brief descriptions you've reported here.  What is your firewall?
Does it give any more detail, like what process is involved?  (None of those
appear to be network activities to me, but does it mention any IP addresses
and ports?)

  To be precise: When you fire up a bash shell under Cygwin, particularly for
the first time, it is entirely part of the normal course of events for that
process to 1) access and alter keys in the registry, 2) search through a bunch
of files and dirs, 3) manipulate text.  (That's a *really* vague thing for it
to warn about, how much software /doesn't/ do that in one way or another?)



    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/