From owner-freebsd-security Sun Apr 19 19:55:30 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA20826 for freebsd-security-outgoing; Sun, 19 Apr 1998 19:55:30 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA20636 for ; Mon, 20 Apr 1998 02:55:10 GMT (envelope-from andrew@squiz.co.nz) Received: from [192.168.1.1] (cloud9.sky [192.168.1.1]) by aniwa.sky (8.8.7/8.8.7) with SMTP id OAA00800 for ; Mon, 20 Apr 1998 14:52:30 +1200 (NZST) (envelope-from andrew@squiz.co.nz) X-Sender: andrew@pop.sky Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Mon, 20 Apr 1998 14:56:25 +1200 To: freebsd-security@FreeBSD.ORG From: andrew@squiz.co.nz (Andrew McNaughton) Subject: Re: suid/sgid programs Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk >It would probably be better to pull all of UUCP into a separate install >package, so users who don't use it could simply not install it. This >way, the install package could install all of the UUCP binaries with the >correct permissions, and users who don't need UUCP lower their suid/sgid >impact. I'm one of said users who don't use UUCP, and so far haven't concerned myself with it much. I presume there's no problem for me in removing the uucp group and user? what else is solely related to uucp that I can throw out? Is it a problem that the uucp user has by default a publicly writable home directory? or is this made irrelevant by it's shell being set to uucico? Andrew McNaughton DISCLAIMER: The Entire Physical Universe, Including Andrew McNaughton This Message, May One Day Collapse Back into an ++64 4 389 6891 Infinitesimally Small Space. Should Another Universe andrew@squiz.co.nz Subsequently Re-emerge, the Validity of Statements http://www.squiz.co.nz in This Message Cannot Be Guaranteed. http://www.newsroom.co.nz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message