Date: Fri, 08 Jun 2001 13:14:52 -0600 From: Lyndon Nerenberg <lyndon@orthanc.ab.ca> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: Peter Pentchev <roam@orbitel.bg>, freebsd-security@FreeBSD.ORG Subject: /bin/rmail (was: root & toor) Message-ID: <200106081914.f58JEq556483@orthanc.ab.ca> In-Reply-To: Your message of "Fri, 08 Jun 2001 10:46:00 EDT." <200106081446.KAA36576@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Garrett" == Garrett Wollman <wollman@khavrinen.lcs.mit.edu> writes:
Garrett> Unfortunately, as with /etc/rmt, it is part of a protocol
Garrett> the client implementations of which we do not control.
That's not true. The convention for executing rmail has always[1] been
'uux system!rmail'. It's up to the remote uuxqt to decide what path
it's going to use when searching for executables. In FreeBSD, uuxqt
searches in /bin, /usr/bin, /usr/local/bin by default. So, moving
rmail into /usr/bin won't break the traditional uuxqt execution
environment.
The only other issue is local execution of /bin/rmail by programs
other than uuxqt. A grep through the source tree doesn't show any
other program invoking rmail. And I would argue that rmail shouldn't
be invoked by anything other than uuxqt. It's presence in /bin is an
artifact of there being no concept of libexec directories when UUCP
was invented. In fact, I would go so far as to say we should create
/usr/libexec/uuxqt/, move rmail into it, and prepend
/usr/libexec/uuxqt to the default uuxqt execution search path.
--lyndon
[1] Well, it's been this way for the 17 years I've been using UUCP.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106081914.f58JEq556483>