From owner-freebsd-audit Sat Sep 8 18:46:45 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 0CE8C37B407; Sat, 8 Sep 2001 18:46:36 -0700 (PDT)
Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id f891j0o34410; Sun, 9 Sep 2001 05:45:01 +0400 (MSD) (envelope-from ache)
Date: Sun, 9 Sep 2001 05:44:58 +0400
From: "Andrey A. Chernov"
To: "Todd C. Miller"
Cc: Kris Kennaway, Matt Dillon, Jordan Hubbard, security@FreeBSD.ORG, audit@FreeBSD.ORG
Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems.
Message-ID: <20010909054457.A34319@nagual.pp.ru>
References: <5.1.0.14.0.20010908153417.0286b4b8@192.168.0.12> <200109082103.f88L3fK29117@earth.backplane.com> <20010908154617.A73143@xor.obsecurity.org> <20010908170257.A82082@xor.obsecurity.org> <20010908174304.A88816@xor.obsecurity.org> <20010909045226.A33654@nagual.pp.ru> <20010908180848.A94567@xor.obsecurity.org> <200109090120.f891KvM14677@xerxes.courtesan.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200109090120.f891KvM14677@xerxes.courtesan.com>
User-Agent: Mutt/1.3.21i
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, Sep 08, 2001 at 19:20:56 -0600, Todd C. Miller wrote:
> In message <20010908180848.A94567@xor.obsecurity.org>
> so spake Kris Kennaway (kris):
>
> > The vulnerability involves uucp being made to run arbitrary commands
> > as the uucp user through specifying a custom configuration file - see
> > bugtraq. There may be other problems resulting from user-specified
> > configuration files. I don't have time to go through the code and fix
> > up the revocation of privileges right now; in the meantime, this
> > prevents the root exploit where a user replaces a uucp-owned binary
> > like uustat, which is called daily by /etc/periodic.
>
> Is there really any reason to run uustat as root? Why not just run
> it as user uucp via su? For that matter, running non-root owned
> executables from daily seems like a really bad idea.

I agree. There is no need to deal with privilege revocation at all if the "uucp" user itself is well restricted; just protect system "uucp"-owned binaries from overwriting by the "uucp" user using the schg flag.

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
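An audit that follows from Todd's point about periodic(8) running non-root-owned executables as root (added example, not code from the thread or from FreeBSD): walk a directory of periodic scripts, collect the programs they invoke by absolute path, and report any whose owner is not the account expected to own system binaries. It assumes scripts name programs by absolute path and parses `ls -ld` for portability; the FreeBSD-specific schg check (`ls -lo` / `chflags`) is deliberately left out.

```shell
#!/bin/sh
# Report executables referenced by periodic-style scripts whose owner is not
# the trusted account (normally root). Assumption: scripts invoke programs by
# absolute path, as the /etc/periodic scripts do.

# owner_of FILE: print the owning user name (third field of ls -ld, portable)
owner_of() {
    ls -ld "$1" | awk '{ print $3 }'
}

# audit_periodic_binaries SCRIPT_DIR TRUSTED_OWNER
# Prints "<script> <executable> <owner>" for every executable that a script in
# SCRIPT_DIR references by absolute path and that is not owned by TRUSTED_OWNER.
audit_periodic_binaries() {
    dir=$1
    trusted=$2
    for script in "$dir"/*; do
        [ -f "$script" ] || continue
        # Candidate paths: every absolute-path token in the script. Tokens that
        # are not existing executables (config files, directories) are skipped.
        grep -o '/[A-Za-z0-9_./-]*' "$script" | sort -u | while read -r path; do
            [ -f "$path" ] && [ -x "$path" ] || continue
            owner=$(owner_of "$path")
            [ "$owner" = "$trusted" ] || printf '%s %s %s\n' "$script" "$path" "$owner"
        done
    done
}

# Stand-alone usage: audit_periodic_binaries.sh /etc/periodic/daily [root]
if [ "$#" -ge 1 ]; then
    audit_periodic_binaries "$1" "${2:-root}"
fi
```

Any line it prints is a binary that root-run periodic jobs would execute but that its owner, not root, controls; the fix is the one the thread proposes, run it as that user via su and lock the binary down rather than let root trust it.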