From owner-freebsd-audit Sat Sep 8 19:15:54 2001 Delivered-To: freebsd-audit@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id F2CB837B405 for ; Sat, 8 Sep 2001 19:15:51 -0700 (PDT) Received: (qmail 92789 invoked by uid 1000); 9 Sep 2001 02:15:49 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 9 Sep 2001 02:15:49 -0000 Date: Sat, 8 Sep 2001 21:15:49 -0500 (CDT) From: Mike Silbersack To: Kris Kennaway Cc: "Andrey A. Chernov" , "Todd C. Miller" , Matt Dillon , Jordan Hubbard , , Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. In-Reply-To: <20010908190700.A5881@xor.obsecurity.org> Message-ID: <20010908211441.A48947-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, 8 Sep 2001, Kris Kennaway wrote: > Hmm. These flaws in the UUCP suite need to be documented, then. > > I'm also very uneasy at having a local root exploited foiled only by > the setting of UFS file flags (mostly because of the NFS-mounted /usr > case). > > I think it's finally time to make UUCP into a port: I'll work on that > later tonight. > > Kris If uustat being called from the daily scripts is the exploit "vector", can't we just remove uustat from the daily scripts for now? I doubt many of us use uucp, and those that do can get along without daily stats for a little while. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message