Re: Trusted Software Vendor
On Jun 19 04:25, Andrey Repin wrote: > Greetings, Corinna Vinschen! > > >> Out of curiosity would downloading setup.exe using wget also work > >> around the problem? > >> >>> > >> >>>Most likely. I don't think wget cares about protecting Windows users > >> >>>from their own stupidity. If you use wget, you should know what you're > >> >>>doing. > >> >>> > >> >>>How about you just give it a try? > >> >> > >> >> Er, I don't have this problem. I wasn't the one reporting it. > >> > Downloading setup.exe with wget has another problem. The downloaded > >> > file is missing the +x bit, IIRC. > >> > >> It's irrelevant for setup.exe. > > > It's not. Try to start any executable on a NTFS filesystem. Remove > > the executable bits from all entries in the ACL. Try again. > > Sure that will cause issues, but read quote from the start. > If you download setup.exe using wget, it's unlikely you'll be unable to run > it. > You need to do some real tinkering first to prevent that. I was solely referring to the common misconception that the execute bit has no meaning for Windows excecutables. Some people even think the execute bit is just faked by Cygwin(*). I can't let this go without commenting on it. Corinna (*) which it is, but only on filesystems which don't support permissions at all, like FAT/FAT32. -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
Greetings, Corinna Vinschen! >> Out of curiosity would downloading setup.exe using wget also work >> around the problem? >> >>> >> >>>Most likely. I don't think wget cares about protecting Windows users >> >>>from their own stupidity. If you use wget, you should know what you're >> >>>doing. >> >>> >> >>>How about you just give it a try? >> >> >> >> Er, I don't have this problem. I wasn't the one reporting it. >> > Downloading setup.exe with wget has another problem. The downloaded >> > file is missing the +x bit, IIRC. >> >> It's irrelevant for setup.exe. > It's not. Try to start any executable on a NTFS filesystem. Remove > the executable bits from all entries in the ACL. Try again. Sure that will cause issues, but read quote from the start. If you download setup.exe using wget, it's unlikely you'll be unable to run it. You need to do some real tinkering first to prevent that. -- WBR, Andrey Repin (anrdae...@freemail.ru) 19.06.2012, <04:24> Sorry for my terrible english...
Re: Trusted Software Vendor
On Jun 14 22:45, Andrey Repin wrote: > Greetings, Vaclav Zeman! > > Out of curiosity would downloading setup.exe using wget also work > around the problem? > >>> > >>>Most likely. I don't think wget cares about protecting Windows users > >>>from their own stupidity. If you use wget, you should know what you're > >>>doing. > >>> > >>>How about you just give it a try? > >> > >> Er, I don't have this problem. I wasn't the one reporting it. > > Downloading setup.exe with wget has another problem. The downloaded > > file is missing the +x bit, IIRC. > > It's irrelevant for setup.exe. It's not. Try to start any executable on a NTFS filesystem. Remove the executable bits from all entries in the ACL. Try again. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
Greetings, Vaclav Zeman! Out of curiosity would downloading setup.exe using wget also work around the problem? >>> >>>Most likely. I don't think wget cares about protecting Windows users >>>from their own stupidity. If you use wget, you should know what you're >>>doing. >>> >>>How about you just give it a try? >> >> Er, I don't have this problem. I wasn't the one reporting it. > Downloading setup.exe with wget has another problem. The downloaded > file is missing the +x bit, IIRC. It's irrelevant for setup.exe. -- WBR, Andrey Repin (anrdae...@freemail.ru) 14.06.2012, <22:45> Sorry for my terrible english...
Re: Trusted Software Vendor
On 6/12/2012 7:08 PM, Roger K. Wells wrote: On 06/12/2012 11:10 AM, Earnie Boyd wrote: On Tue, Jun 12, 2012 at 10:46 AM, James Johnston wrote: Wikipedia says that ... Wikipedia isn't the keeper of the information relevant to Cygwin. You can only find the truth at cygwin.com. Besides, companies do support open source projects by providing man hours to it. It doesn't mean that the company providing those hours has any other right to it than you or I do. Cygwin is a separate entity from Red Hat. What's this then? http://www.redhat.com/software/cygwin/ a link on: http://cygwin.com/ If they are a separate entity this will certainly mislead some of us reporting all the sentence is more clear : "For Cygwin licensing or commercial support, please visit the Red Hat Cygwin Product site." On linux you can choose between Fedora and RHEL , here you can choose between "Cygwin" and "Redhat Cygwin" it is not so strange in the software world Marco -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On 06/12/2012 11:10 AM, Earnie Boyd wrote: On Tue, Jun 12, 2012 at 10:46 AM, James Johnston wrote: Wikipedia says that ... Wikipedia isn't the keeper of the information relevant to Cygwin. You can only find the truth at cygwin.com. Besides, companies do support open source projects by providing man hours to it. It doesn't mean that the company providing those hours has any other right to it than you or I do. Cygwin is a separate entity from Red Hat. What's this then? http://www.redhat.com/software/cygwin/ a link on: http://cygwin.com/ If they are a separate entity this will certainly mislead some of us -- Roger Wells, P.E. SAIC 221 Third St Newport, RI 02840 401-847-4210 (voice) 401-849-1585 (fax) roger.k.we...@saic.com -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On Tue, Jun 12, 2012 at 09:32:00AM -0600, Eric Blake wrote: >On 06/12/2012 09:12 AM, Nick Lowe wrote: >> http://cygwin.com/ >> >> "The Cygwin DLL and utilities are Copyright ? 2000, 2001, 2002, 2003, >> 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc" > >Yes, that's true for the cygwin1.dll. But it's not all the executables >available from cygwin.com. Even among the packages I help maintain (on >my own time, and not on Red Hat's time, I might add), ls.exe is >copyright FSF; diffstat.exe is copyright Thomas E. Dickey; git.exe is >copyright by many different individuals; etc., and none of these are >owned or run by Red Hat. That is, Red Hat cannot make blanket >operations on executables, just because cygwin.com ships them, because >Red Hat is not the copyright holder on the majority of the binaries >bundled in the cygwin distribution, nor even the entity that compiled >the binaries in the first place. Most of what you get from cygwin is >the effort of individual contributors, while only a few things like >cygwin1.dll are directly owned by Red Hat. Thanks, Eric, for an important clarification. cgf -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On 06/12/2012 09:12 AM, Nick Lowe wrote: > http://cygwin.com/ > > "The Cygwin DLL and utilities are Copyright © 2000, 2001, 2002, 2003, > 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc" Yes, that's true for the cygwin1.dll. But it's not all the executables available from cygwin.com. Even among the packages I help maintain (on my own time, and not on Red Hat's time, I might add), ls.exe is copyright FSF; diffstat.exe is copyright Thomas E. Dickey; git.exe is copyright by many different individuals; etc., and none of these are owned or run by Red Hat. That is, Red Hat cannot make blanket operations on executables, just because cygwin.com ships them, because Red Hat is not the copyright holder on the majority of the binaries bundled in the cygwin distribution, nor even the entity that compiled the binaries in the first place. Most of what you get from cygwin is the effort of individual contributors, while only a few things like cygwin1.dll are directly owned by Red Hat. -- Eric Blake ebl...@redhat.com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature
Re: Trusted Software Vendor
On Tue, Jun 12, 2012 at 04:12:58PM +0100, Nick Lowe wrote: >http://cygwin.com/ > >"The Cygwin DLL and utilities are Copyright ? 2000, 2001, 2002, 2003, >2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc" The version of Cygwin supported at cygwin.com is a GPL-based free software project. Red Hat owns the code. Corinna works for Red Hat and can represent Red Hat's interests in the project but Red Hat does not run the project. They have their own release of Cygwin which is separate from the net release and which, in many cases, is not released under the GPL. Besides Corinna, AFAIK, there is one other active person on this project who works for Red Hat. Their Red Hat job does not involve working on Cygwin. sourceware.org, cygwin.com's home, is a system which was generously donated by Red Hat. It is maintained by three people, one of whom works at Red Hat. Like me, he maintains the site in his free time. cgf -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
http://cygwin.com/ "The Cygwin DLL and utilities are Copyright © 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc" > Wikipedia isn't the keeper of the information relevant to Cygwin. You > can only find the truth at cygwin.com. Besides, companies do support > open source projects by providing man hours to it. It doesn't mean > that the company providing those hours has any other right to it than > you or I do. Cygwin is a separate entity from Red Hat. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On Tue, Jun 12, 2012 at 10:46 AM, James Johnston wrote: > Wikipedia says that ... Wikipedia isn't the keeper of the information relevant to Cygwin. You can only find the truth at cygwin.com. Besides, companies do support open source projects by providing man hours to it. It doesn't mean that the company providing those hours has any other right to it than you or I do. Cygwin is a separate entity from Red Hat. -- Earnie -- https://sites.google.com/site/earnieboyd -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
To me, the key question is: Would Red Hat have an objection in principle to signing Cygwin and its packages given the history and ties. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: Trusted Software Vendor
> >Red Hat might not have to buy a code signing cert for this. They might > >already have one that will work: http://goo.gl/5Hm3C > > The Cygwin project is not Red Hat. It wouldn't be "Red Hat" buying anything. What is the Cygwin project then? I honestly thought it was a Red Hat project... I.e. I've thought of it as a "Linux" distribution from Red Hat, with Corinna Vinschen being a senior Red Hat engineer, according to your FAQ. Wikipedia says that you yourself used to work for Red Hat. Bottom of Cygwin.com: "The Cygwin DLL and utilities are Copyright C 2012 Red Hat, Inc. Other packages have other copyrights." Also Wikipedia says that the project was started by Cygnus Solutions which was then merged with Red Hat back in 2000. It is logical to assume that if the copyright is owned by Red Hat and some contributor(s) are Red Hat employees, then the Cygwin project would have some level of access to Red Hat resources. If Cygwin isn't owned/run by Red Hat as you seem to indicate, why do they seem to have their fingers in everything? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On Tue, Jun 12, 2012 at 06:57:45AM -0600, Warren Young wrote: >On 6/9/2012 9:57 AM, Christopher Faylor wrote: >>and I'm really not willing to burden cygwin.com with the cycles >>necessary to unpack tarballs at cygwin.com to sign them. > >Based on the traffic I see to cygwin-apps, my sense is that this would >amount to single-digit CPU-minutes per day, once you get through the >initial conversion. That can be nice'd to the point that it takes a >month; this doesn't have to be a Big Bang conversion. > >I think a much bigger problem is getting a Linux toolchain set up on >the main package repo server that can sign these executables. My >Google-fu says the GNU tools have no idea how to do this today. > >Then someone has to spend at least a few hours writing and testing the >script to do all this. It might take a person-day. If you are working under the misapprehension that I don't understand what's required to get this to work, I can assure you that you're wrong. >Red Hat might not have to buy a code signing cert for this. They might >already have one that will work: http://goo.gl/5Hm3C The Cygwin project is not Red Hat. It wouldn't be "Red Hat" buying anything. cgf -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On 6/9/2012 9:57 AM, Christopher Faylor wrote: and I'm really not willing to burden cygwin.com with the cycles necessary to unpack tarballs at cygwin.com to sign them. Based on the traffic I see to cygwin-apps, my sense is that this would amount to single-digit CPU-minutes per day, once you get through the initial conversion. That can be nice'd to the point that it takes a month; this doesn't have to be a Big Bang conversion. I think a much bigger problem is getting a Linux toolchain set up on the main package repo server that can sign these executables. My Google-fu says the GNU tools have no idea how to do this today. Then someone has to spend at least a few hours writing and testing the script to do all this. It might take a person-day. Red Hat might not have to buy a code signing cert for this. They might already have one that will work: http://goo.gl/5Hm3C -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: Trusted Software Vendor
Christopher Faylor sent the following at Monday, June 11, 2012 10:56 AM >On Mon, Jun 11, 2012 at 04:51:07PM +0200, Otto Meta wrote: >>cgf wrote: >>> Out of curiosity would downloading setup.exe using wget also work >>>around the problem? >> >>Most likely. I don't think wget cares about protecting Windows users >>from their own stupidity. If you use wget, you should know what you're >>doing. >> >>How about you just give it a try? > >Er, I don't have this problem. I wasn't the one reporting it. Since I reported it. I used curl and didn't have the problem. curl -R -o getcygwin.exe http://cygwin.com/setup.exe Also, the x bit was set. -rwxr-xr-x 1 705053 2012-04-29 02:27:44 getcygwin.exe Two solutions! Is this a great list or what! Thanks to all. - Barry Disclaimer: Statements made herein are not made on behalf of NIAID. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On 11 June 2012 16:55, Christopher Faylor wrote: > On Mon, Jun 11, 2012 at 04:51:07PM +0200, Otto Meta wrote: >>cgf wrote: >>> Out of curiosity would downloading setup.exe using wget also work >>>around the problem? >> >>Most likely. I don't think wget cares about protecting Windows users >>from their own stupidity. If you use wget, you should know what you're >>doing. >> >>How about you just give it a try? > > Er, I don't have this problem. I wasn't the one reporting it. Downloading setup.exe with wget has another problem. The downloaded file is missing the +x bit, IIRC. -- VZ -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On Mon, Jun 11, 2012 at 04:51:07PM +0200, Otto Meta wrote: >cgf wrote: >> Out of curiosity would downloading setup.exe using wget also work >>around the problem? > >Most likely. I don't think wget cares about protecting Windows users >from their own stupidity. If you use wget, you should know what you're >doing. > >How about you just give it a try? Er, I don't have this problem. I wasn't the one reporting it. cgf -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
> Out of curiosity would downloading setup.exe using wget also work > around the problem? Most likely. I don't think wget cares about protecting Windows users from their own stupidity. If you use wget, you should know what you're doing. How about you just give it a try? Otto -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On Mon, Jun 11, 2012 at 04:44:46PM +0200, Otto Meta wrote: >> This is because of the file being downloaded from the web (check file streams > >> for details). >> You can easily cleanup the file metadata by copying it to FAT drive (Flash >> disk/memory card). > > >The file stream with the "downloaded from the web" information can >easily be removed with the Stream tool without any copying: >http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx > >You can probably make a simple context menu entry as well. Out of curiosity would downloading setup.exe using wget also work around the problem? cgf -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
> This is because of the file being downloaded from the web (check file streams > for details). > You can easily cleanup the file metadata by copying it to FAT drive (Flash > disk/memory card). The file stream with the "downloaded from the web" information can easily be removed with the Stream tool without any copying: http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx You can probably make a simple context menu entry as well. Otto -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: Trusted Software Vendor
Andrey Repin sent the following at Monday, June 11, 2012 10:03 AM >This is because of the file being downloaded from the web (check file >streams for details). You can easily cleanup the file metadata by >copying it to FAT drive (Flash disk/memory card). It worked! For the record, I had to delete it from /usr/local/bin before copying back from the from the memory stick; copying over the file was not enough. Thanks! (And your English is fine.) - Barry Disclaimer: Statements made herein are not made on behalf of NIAID. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
Greetings, Buchbinder, Barry (NIH/NIAID) [E]! > I have setup.exe downloaded to /usr/local/bin (and renamed to > getcygwin.exe). When I launch it by hand (but not by cmd /c start), > Windows tells me that the publisher could not be verified and asks > whether I want to run it. This is because of the file being downloaded from the web (check file streams for details). You can easily cleanup the file metadata by copying it to FAT drive (Flash disk/memory card). > This is a minor annoyance but it would be > nice if it could be addressed without expense or too much bother. I doubt it would be in foreseeable future. -- WBR, Andrey Repin (anrdae...@freemail.ru) 11.06.2012, <18:00> Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On Sun, Jun 10, 2012 at 1:51 PM, Buchbinder, Barry (NIH/NIAID) [E] wrote: > I have setup.exe downloaded to /usr/local/bin (and renamed to > getcygwin.exe). When I launch it by hand (but not by cmd /c start), > Windows tells me that the publisher could not be verified and asks > whether I want to run it. This is a minor annoyance but it would be > nice if it could be addressed without expense or too much bother. IIRC, you can turn that annoyance off in your system if you don't want to be bothered by it. -- Earnie -- https://sites.google.com/site/earnieboyd -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
RE: Trusted Software Vendor
I have setup.exe downloaded to /usr/local/bin (and renamed to getcygwin.exe). When I launch it by hand (but not by cmd /c start), Windows tells me that the publisher could not be verified and asks whether I want to run it. This is a minor annoyance but it would be nice if it could be addressed without expense or too much bother. - Barry Disclaimer: Statements made herein are not made on behalf of NIAID. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On Sat, Jun 09, 2012 at 01:04:37PM +0200, V?clav Zeman wrote: >On 06/08/2012 08:46 PM, Christopher Faylor wrote: >> On Fri, Jun 08, 2012 at 02:15:27PM -0400, Milton Quinteros S. wrote: >>>Would you consider the possibility to subscribe to the Comodo Trusted >>>Software Vendor list >>>(http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign >>>every executable? It would be so useful for Comodo Firewall users. >>>Best regards. >>> >>>Milton Quinteros Salas >>1) Wrong mailing list. >> >>2) Do you have any idea how many executables are in the release? No. > >Well, that part sounds like it could be automated. I obviously know how to automate things. I also know that the Cygwin release doesn't all come from one place and package maintainers don't use just one way to produce packages. So, any automation would be complicated. You could theoretically push the burden onto cygwin.com itself but that would be a big change to the way that we do things now and I'm really not willing to burden cygwin.com with the cycles necessary to unpack tarballs at cygwin.com to sign them. cgf -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Trusted Software Vendor
On 06/08/2012 08:46 PM, Christopher Faylor wrote: > On Fri, Jun 08, 2012 at 02:15:27PM -0400, Milton Quinteros S. wrote: >> Would you consider the possibility to subscribe to the Comodo Trusted >> Software Vendor list >> (http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign >> every executable? >> It would be so useful for Comodo Firewall users. >> Best regards. >> >> Milton Quinteros Salas > 1) Wrong mailing list. > > 2) Do you have any idea how many executables are in the release? No. Well, that part sounds like it could be automated. Though I think such effort for one commercial product is not worth the trouble. -- VZ signature.asc Description: OpenPGP digital signature
Trusted Software Vendor
On Fri, 8 Jun 2012, Milton Quinteros S. wrote: Would you consider the possibility to subscribe to the Comodo Trusted Software Vendor list (http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign every executable? I don't know how much is the certificate but I'm sure there is a lot of people like me to make donations. off the link: Comodo Code Signing Certificates // Comodo CA offers Code Signing certificates at the lowest prices around. http://www.instantssl.com/code-signing/index.html a bit under $100 a year But, clearly not the 'lowest price' ... https://startssl.com/ issues such to people with their Class II validation for less I assume there is some reason this is not presently done -- Russ herrold -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Trusted Software Vendor
Would you consider the possibility to subscribe to the Comodo Trusted Software Vendor list (http://internetsecurity.comodo.com/trustedvendor/signup.php), and sign every executable? It would be so useful for Comodo Firewall users like me and other vendor list based firewalls to trust in applications. So, in Comodo - Computer Security Policy - Trusted Software Vendors - Read from a signed executable, would be so easy to add Cygwin as a trusted software vendor and avoid to make a rule for every executable. I don't know how much is the certificate but I'm sure there is a lot of people like me to make donations. Best regards. Milton Quinteros -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple