From owner-freebsd-security Sun Apr 19 23:52:13 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA17886 for freebsd-security-outgoing; Sun, 19 Apr 1998 23:52:13 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from dt050n33.san.rr.com (@dt050n33.san.rr.com [204.210.31.51]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA17870 for ; Mon, 20 Apr 1998 06:52:03 GMT (envelope-from Studded@san.rr.com) Received: from san.rr.com (Studded@localhost [127.0.0.1]) by dt050n33.san.rr.com (8.8.8/8.8.8) with ESMTP id XAA17854; Sun, 19 Apr 1998 23:51:42 -0700 (PDT) (envelope-from Studded@san.rr.com) Message-ID: <353AF07D.8131BBA8@san.rr.com> Date: Sun, 19 Apr 1998 23:51:41 -0700 From: Studded Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.05 [en] (X11; I; FreeBSD 2.2.6-STABLE i386) MIME-Version: 1.0 To: Andrew McNaughton CC: freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk Andrew McNaughton wrote: Someone else wrote: > >It would probably be better to pull all of UUCP into a separate install > >package, so users who don't use it could simply not install it. I personally believe this is true of many portions of the base OS, but I think it's especially important for those elements that use s[ug]id bits. > I'm one of said users who don't use UUCP, and so far haven't concerned > myself with it much. I presume there's no problem for me in removing the > uucp group and user? what else is solely related to uucp that I can throw > out? I remove all elements of uucp from my tree and modify my makefiles accordingly to not build them during make world. In case someone doesn't know how this is done, look at http://home.san.rr.com/freebsd/upgrade.html, towards the end of the page. The one exception is /usr/src/lib/libutil/uucplock.c which if it's not built some other part of the system crashes and burns... I don't remember what it is off hand but if someone looks at surgically removing uucp they should be aware of this dependency. Hope this helps, Doug -- *** Chief Operations Officer, DALnet IRC network *** *** Proud designer and maintainer of the world's largest Internet *** Relay Chat server with 5,328 simultaneous connections. *** Try spider.dal.net on ports 6662-4 (Powered by FreeBSD) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message