Date: Sun, 14 May 1995 19:56:20 +1000 From: Bruce Evans <bde@zeta.org.au> To: ache@astral.msk.su, bde@zeta.org.au, freebsd-current@FreeBSD.org, terry@cs.weber.edu, uhclem%nemesis@fw.ast.com Subject: Re: Taylor UUCP Message-ID: <199505140956.TAA22337@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>>Phones and passwords are in /etc/uucp, not in libexec/uucp :-). >Shure. Both uuchk and uuconv operates in /etc/uucp. >>The programs aren't setuid so they can't read /etc/uucp/* unless >>run by root. >/etc/uucp must be owned by uucp, it doesn't? Yes the protection is in the non-world-readableness of /etc/uucp. It doesn't belong in the programs. uucp.info warns you not to make the programs setuid for this reason. We follow this warning, but give the programs strange ownership and permissions. Programs should be owned by bin.bin and have permissions 555 except when they are setuid. We follow this rule for /usr/bin/uu*. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199505140956.TAA22337>