From owner-freebsd-security  Fri Apr  2  6: 4:31 1999
Delivered-To: freebsd-security@freebsd.org
Received: from aniwa.sky (p55-max12.wlg.ihug.co.nz [216.100.145.55])
	by hub.freebsd.org (Postfix) with ESMTP id BD04914E1A
	for <freebsd-security@FreeBSD.ORG>; Fri,  2 Apr 1999 06:04:25 -0800 (PST)
	(envelope-from andrew@squiz.co.nz)
Received: from aniwa.sky (localhost [127.0.0.1])
	by aniwa.sky (8.9.1a/8.9.1) with ESMTP id CAA16855;
	Sat, 3 Apr 1999 02:03:40 +1200 (NZST)
Message-Id: <199904021403.CAA16855@aniwa.sky>
X-Mailer: exmh version 2.0.2 2/24/98
To: Mike Holling <myke@ees.com>
Cc: 0x1c <nick@shibumi.feralmonkey.org>, freebsd-security@FreeBSD.ORG
Subject: Re: uucp home dir mode 777? 
In-reply-to: Your message of "Thu, 01 Apr 1999 23:39:09 PST."
             <Pine.BSF.4.10.9904012338170.19754-100000@phluffy.fks.bt> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sat, 03 Apr 1999 02:03:39 +1200
From: Andrew McNaughton <andrew@squiz.co.nz>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> > On my 2.2.8-REL box and my 3.1-REL box the modes for use uucp's home dir
> > are both 777. Is there any particular reasoning behind this?
> 
> UUCP requires the "public" directory to be mode 777.  If you don't use
> UUCP, you can get rid of it altogether.
> 
> - Mike

I don't use UUCP, and have disabled it.  I have wondered though if this public 
home dir was exploitable.

There was discussion a while back about removing uucp from the base install 
and putting it in a port instead.

Andrew
-- 
-----------
Andrew McNaughton
andrew@squiz.co.nz
http://www.newsroom.co.nz/




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message