UUCP security
Chip Salzenberg
chip at ateng.UUCP
Wed Apr 13 22:44:09 AEST 1988
In article <7049 at mcdchg.UUCP> heiby at mcdchg.UUCP (Ron Heiby) writes:
>I'm uid=501(heiby) gid=101(mot) on my system, and bunches of "?" are
>displayed instead of sensitive information when I invoke uucico.
>When I invoke uucico while logged in as "root", I get to see everything.
>If your implementation does not do this, then it should be fixed
>by your vendor.
Actually, what should be fixed are the access permissions of uucico: 6770.
On all the SCO Xenix System V systems that I administer, I run the equivalent
of the following:
    chmod 775 /usr/spool/uucp
    chmod 6770 /usr/lib/uucp/uucico
    chown uucp /usr/bin/uu*
    chgrp uucp /usr/bin/uu*
    chmod 6771 /usr/bin/uu*
(Note that the /usr/bin/uu* excludes uuto and uupick, which are shell scripts.)
This closes several security holes:
  1.  Only root (and uucp) can invoke uucico at all.
  2.  No one but user uucp and group uucp can create or remove files
      in the spool directory.
  3.  Files in the spool directory are created with owner uucp and group
      uucp.  By default, /usr/bin/uu* are setuid but not setgid, which
      causes all files in the spool directory to be created with modes
      660 and with the current group of the user who requested the spool.
      Thus if you are in the same group with that person, you can read his
      outbound mail!
Oh yes -- be sure to also run
    chgrp uucp /bin/cu
    chmod g+s /bin/cu
or else cu won't be able to create the device lock file in /usr/spool/uucp.
--
Chip Salzenberg "chip at ateng.UU.NET" or "codas!ateng!chip"
A T Engineering My employer's opinions are a trade secret.
"Anything that works is better than anything that doesn't."
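As an added example, not part of Chip's post: a POSIX shell audit of the mode bits he recommends, written against a root prefix so it can be exercised in a throwaway sandbox without root. The sandbox's "before" modes (4755 on uu*, 777 on the spool, 755 on cu), the helper names, and the use of GNU coreutils stat are constructed assumptions; the chown/chgrp steps need root and are not checked.

```shell
#!/bin/sh
# Added example (not from the original post). Audits the mode bits the post
# recommends for UUCP, relative to a root prefix (use "/" on a real system).
# Ownership (chown/chgrp uucp) needs root and is not checked here.

mode_of() {  # octal mode of $1 incl. setuid/setgid bits (assumes GNU coreutils stat)
    stat -c '%a' "$1"
}

# uucp_audit ROOT: print each deviation; return the number found (0 = clean)
uucp_audit() {
    root=${1%/}; bad=0
    check() {  # check PATH EXPECTED_MODE (paths absent under ROOT are skipped)
        [ -e "$root$1" ] || return 0
        m=$(mode_of "$root$1")
        [ "$m" = "$2" ] || { echo "$1: mode $m, want $2"; bad=$((bad + 1)); }
    }
    check /usr/spool/uucp 775
    check /usr/lib/uucp/uucico 6770
    for f in "$root"/usr/bin/uu*; do
        [ -e "$f" ] || continue
        case $f in */uuto|*/uupick) continue ;; esac   # shell scripts, per the post
        check "${f#"$root"}" 6771
    done
    if [ -e "$root/bin/cu" ]; then   # cu only needs g+s (leading digit 2, 3, 6 or 7)
        m=$(mode_of "$root/bin/cu")
        case $m in [2367]???) ;; *) echo "/bin/cu: mode $m, setgid not set"; bad=$((bad + 1)) ;; esac
    fi
    return $bad
}

# make_sandbox DIR: constructed fake tree showing the weak default the post
# describes (uu* setuid but not setgid); the other "before" modes are assumptions.
make_sandbox() {
    mkdir -p "$1/usr/spool/uucp" "$1/usr/lib/uucp" "$1/usr/bin" "$1/bin"
    for b in uucp uux uulog uuname uuto; do : > "$1/usr/bin/$b"; done
    : > "$1/usr/lib/uucp/uucico"; : > "$1/bin/cu"
    chmod 777 "$1/usr/spool/uucp"; chmod 4755 "$1"/usr/bin/uu* "$1/usr/lib/uucp/uucico"
    chmod 755 "$1/bin/cu"
}

# apply_fix DIR: the post's chmod lines (chown/chgrp omitted: they need root)
apply_fix() {
    chmod 775 "$1/usr/spool/uucp"; chmod 6770 "$1/usr/lib/uucp/uucico"
    for f in "$1"/usr/bin/uu*; do
        case $f in */uuto|*/uupick) ;; *) chmod 6771 "$f" ;; esac
    done
    chmod g+s "$1/bin/cu"
}
```

On a live system, `uucp_audit /` lists every file whose bits differ from the post's settings and exits non-zero when any do.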