From owner-freebsd-current  Sun May 14 02:57:16 1995
Return-Path: current-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id CAA02368
          for current-outgoing; Sun, 14 May 1995 02:57:16 -0700
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.34])
          by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id CAA02360
          for <freebsd-current@FreeBSD.org>; Sun, 14 May 1995 02:57:03 -0700
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id TAA22337; Sun, 14 May 1995 19:56:20 +1000
Date: Sun, 14 May 1995 19:56:20 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199505140956.TAA22337@godzilla.zeta.org.au>
To: ache@astral.msk.su, bde@zeta.org.au, freebsd-current@FreeBSD.org,
        terry@cs.weber.edu, uhclem%nemesis@fw.ast.com
Subject: Re: Taylor UUCP
Sender: current-owner@FreeBSD.org
Precedence: bulk

>>Phones and passwords are in /etc/uucp, not in libexec/uucp :-).

>Shure. Both uuchk and uuconv operates in /etc/uucp.

>>The programs aren't setuid so they can't read /etc/uucp/* unless
>>run by root.

>/etc/uucp must be owned by uucp, it doesn't?

Yes the protection is in the non-world-readableness of /etc/uucp.
It doesn't belong in the programs.  uucp.info warns you not to
make the programs setuid for this reason.  We follow this warning,
but give the programs strange ownership and permissions.  Programs
should be owned by bin.bin and have permissions 555 except when
they are setuid.  We follow this rule for /usr/bin/uu*.

Bruce