From owner-freebsd-security Fri Jun 8 12:15:17 2001
Message-Id: <200106081914.f58JEq556483@orthanc.ab.ca>
From: Lyndon Nerenberg
Organization: The Frobozz Magic Homing Pigeon Company
To: Garrett Wollman
Cc: Peter Pentchev, freebsd-security@FreeBSD.ORG
Subject: /bin/rmail (was: root & toor)
In-reply-to: Your message of "Fri, 08 Jun 2001 10:46:00 EDT." <200106081446.KAA36576@khavrinen.lcs.mit.edu>
Date: Fri, 08 Jun 2001 13:14:52 -0600

>>>>> "Garrett" == Garrett Wollman writes:

Garrett> Unfortunately, as with /etc/rmt, it is part of a protocol
Garrett> the client implementations of which we do not control.

That's not true. The convention for executing rmail has always[1] been 'uux system!rmail'. It's up to the remote uuxqt to decide what path it's going to use when searching for executables. In FreeBSD, uuxqt searches in /bin, /usr/bin, /usr/local/bin by default. So, moving rmail into /usr/bin won't break the traditional uuxqt execution environment.

The only other issue is local execution of /bin/rmail by programs other than uuxqt. A grep through the source tree doesn't show any other program invoking rmail. And I would argue that rmail shouldn't be invoked by anything other than uuxqt. Its presence in /bin is an artifact of there being no concept of libexec directories when UUCP was invented.

In fact, I would go so far as to say we should create /usr/libexec/uuxqt/, move rmail into it, and prepend /usr/libexec/uuxqt to the default uuxqt execution search path.

--lyndon

[1] Well, it's been this way for the 17 years I've been using UUCP.