From owner-freebsd-security Wed Nov 3 6: 9:43 1999 Delivered-To: freebsd-security@freebsd.org Received: from anarcat.dyndns.org (phobos.IRO.UMontreal.CA [132.204.20.20]) by hub.freebsd.org (Postfix) with ESMTP id 5C5DF1550B for ; Wed, 3 Nov 1999 06:09:31 -0800 (PST) (envelope-from spidey@anarcat.dyndns.org) Received: by anarcat.dyndns.org (Postfix, from userid 1000) id B5C281A61; Wed, 3 Nov 1999 04:10:27 -0500 (EST) From: Spidey MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14367.64514.294218.824898@anarcat.dyndns.org> Date: Wed, 3 Nov 1999 09:10:26 +0000 (GMT) To: Ollivier Robert Cc: freebsd-security@FreeBSD.ORG Subject: Re: Examining FBSD set[ug]ids and their use References: <14364.64172.638014.558487@anarcat.dyndns.org> <99Nov1.143118est.40332@border.alcanet.com.au> <14365.48408.87230.710344@anarcat.dyndns.org> <19991101203858.A39857@keltia.freenix.fr> X-Mailer: VM 6.72 under 21.1 "20 Minutes to Nikko" XEmacs Lucid (patch 2) Reply-To: Spidey Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ok... In fact, this UUCP thing has been discussed over and over again on the various FBSD-* lists, and I don't want to get back on this, as I think compatibility wins over the security in that perticular case. Anyways, since UUCP runs in its sandbox, I guess it's ok... Thanks for all your comments, everybody. I'll start checking the ports tree soon for setuids... :)) Wish me luck! AnarCat. --- Big Brother told Ollivier Robert to write, at 20:38 of November 1: > According to Spidey: > > Ok. But what is its use??? Is it used by X? Why is it suid? > > Xwrapper is setuid so that the X server itself doesn't have to be. > > > Ok. but what _is it_? Why does it needs special permissions? > > UUCP = Unix-to-Unix CoPy. It is an old but still used way of sending files and > execute command across serial lines (and TCP as well). It predates TCP/IP and > is used mostly now by European and people who pay by the minutes (or bytes) > their phone lines. > > It is the most efficient way of transfering news batches I know on serial > lines. We have a good network of UUCP connected machines here in France and I > manage a small USP (Usenet Service Provider :-)) along with friends. We have > around 40 people that would kill anyone wanting to remove UUCP support :-) > > We even have people with PPP or cable connections that are still using UUCP > (over TCP) in order to get their mail/news. You don't need hacks like POP > before SMTP or multiple mailbox support in POP/IMAP with UUCP. Routing entire > domains is natural and multiple account is native usage. > -- > Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.freenix.fr > FreeBSD keltia.freenix.fr 4.0-CURRENT #74: Thu Sep 9 00:20:51 CEST 1999 > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Si l'image donne l'illusion de savoir C'est que l'adage pretend que pour croire, L'important ne serait que de voir Lofofora To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message