Date: Fri, 2 Apr 1999 13:42:00 -0600 (CST) From: James Wyatt <jwyatt@RWSystems.net> To: Andrew McNaughton <andrew@squiz.co.nz> Cc: Mike Holling <myke@ees.com>, 0x1c <nick@shibumi.feralmonkey.org>, freebsd-security@FreeBSD.ORG Subject: Re: uucp home dir mode 777? Message-ID: <Pine.BSF.4.05.9904021338480.7622-100000@kasie.rwsystems.net> In-Reply-To: <199904021403.CAA16855@aniwa.sky>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 3 Apr 1999, Andrew McNaughton wrote: > > > On my 2.2.8-REL box and my 3.1-REL box the modes for use uucp's home dir > > > are both 777. Is there any particular reasoning behind this? > > > > UUCP requires the "public" directory to be mode 777. If you don't use > > UUCP, you can get rid of it altogether. > > > > - Mike > > I don't use UUCP, and have disabled it. I have wondered though if this public > home dir was exploitable. > > There was discussion a while back about removing uucp from the base install > and putting it in a port instead. The only thing the public dir can really do is allow someone to fill up a filesystem. A frequently large one at that. I'd rather not see it become a port, but wouldn't mind shipping with anon UUCP disabled. Kinda like we do with anon FTP now. - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9904021338480.7622-100000>