Date: Mon, 01 Oct 2001 11:51:32 -0600
From: Lyndon Nerenberg <lyndon@atg.aciworldwide.com>
To: Ruslan Ermilov <ru@FreeBSD.ORG>
Cc: Kris Kennaway <kris@obsecurity.org>, current@FreeBSD.ORG
Subject: Re: uucp user shell and home directory
Message-ID: <200110011751.f91HpW8f014902@atg.aciworldwide.com>
In-Reply-To: Message from Ruslan Ermilov <ru@FreeBSD.ORG> of "Mon, 01 Oct 2001 17:33:43 +0300." <20011001173343.D57416@sunbay.com>
>>>>> "Ruslan" == Ruslan Ermilov <ru@FreeBSD.ORG> writes:

    Ruslan> It doesn't really matter what the home directory is set to
    Ruslan> (IIRC), but the shell must be uucico(8).

No, this is wrong on both counts.

By convention, the home directory of the uucp login has corresponded to the UUCP PUBDIR. Traditionally this was /usr/spool/uucppublic, and maps to /var/spool/uucppublic these days. Thus, if I wanted to copy a file to the public file area on machine b I would incant

    uucp file b!~

and the uucico on the remote end would expand the '~' to /usr/spool/uucppublic. This usage predates (and probably inspired) the common behavior of current shells' handling of '~' expansion.

While no modern UUCP I'm aware of uses the value of pw->pw_dir to derive PUBDIR, POLA would imply that the interpretation of '~uucp' should be the same for both the uucp(1) command and for shells that do ~ expansion. Therefore I would recommend keeping the UUCP home directory as /var/spool/uucppublic. If you want to be paranoid you can make this directory owned by root.wheel and mode 0555 without breaking anything.

As for the `uucp' account's shell, this should be set to /sbin/nologin. The purpose of the uucp entry in /etc/passwd is to provide a unique runtime uid for the setuid UUCP components. Note that there are some periodic maintenance scripts that should be run if you actively use UUCP. These traditionally run under the `uucp' identity, so you need to make sure that they will continue to function with /sbin/nologin. (Which they should, otherwise they would have barfed with uucico as the shell.)

The shell for the uucp account should most certainly NOT be uucico! And you should *never* allow remote site UUCP logins (those that run uucico) under the `uucp' login, for obvious security reasons. Instead, create separate unique logins for each remote site, just as you would for each of your shell accounts, but set the login shell to uucico.
--lyndon
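A small audit of a passwd file against the conventions argued for above, added here as an example and not taken from the mail or from FreeBSD itself; the sample passwd lines and the /usr/libexec/uucp/uucico path are constructed assumptions.

```shell
#!/bin/sh
# Constructed sample passwd lines (not from any real system). The `uucp`
# pseudo-user here still has uucico as its shell, which the mail above
# warns against; the per-site login `siteb` is the intended place for uucico.
BAD_PASSWD='root:*:0:0:Charlie &:/root:/bin/sh
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
siteb:*:1001:66:UUCP login for site b:/var/spool/uucppublic:/usr/libexec/uucp/uucico
nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin'

# Same file with the uucp entry corrected: /sbin/nologin shell, PUBDIR home.
GOOD_PASSWD='root:*:0:0:Charlie &:/root:/bin/sh
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/sbin/nologin
siteb:*:1001:66:UUCP login for site b:/var/spool/uucppublic:/usr/libexec/uucp/uucico
nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin'

# audit_uucp_passwd: reads passwd(5) lines on stdin, prints one finding per
# line, and exits 1 if anything was found (0 when the file is clean).
audit_uucp_passwd() {
    awk -F: '
        $1 == "uucp" {
            seen = 1
            # The uucp pseudo-user exists only to give the setuid UUCP
            # components a uid; it must not be a login shell, and certainly
            # not uucico, which would let remote sites log in as uucp.
            if ($7 != "/sbin/nologin") {
                print "uucp: shell is " $7 " (expected /sbin/nologin)"; n++
            }
            # Keep ~uucp pointing at PUBDIR so uucp(1) and shell ~ expansion agree.
            if ($6 != "/var/spool/uucppublic") {
                print "uucp: home is " $6 " (expected /var/spool/uucppublic)"; n++
            }
        }
        END {
            if (!seen) { print "no uucp account found"; n++ }
            exit (n > 0)
        }
    '
}

# count_findings: helper returning the number of findings for a passwd blob.
count_findings() {
    printf '%s\n' "$1" | audit_uucp_passwd | wc -l | tr -d ' '
}
```

Running `printf '%s\n' "$BAD_PASSWD" | audit_uucp_passwd` reports the uucico shell on the uucp entry; the corrected file produces no output.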