Message-Id: <199706012319.JAA02110@labs.usn.blaze.net.au>
To: Don Yuniskis, freebsd-hackers@freebsd.org
Subject: Re: uucp uid's
In-reply-to: Your message of "Sat, 31 May 1997 10:49:57 MST." <199705311749.KAA03280@seagull.rtd.com>
Date: Mon, 02 Jun 1997 09:19:54 +1000
From: David Nugent

> > Where !~= translates into ``not necessarily equal''. You can keep track of
> > the different accounts even if they have the same UID. As I wrote
> > earlier, the only thing that is recording by UID is the process
>
> And the basic access control mechanisms inherent in UN*X. You
> can, for example, create another copy of uucico that doesn't
> suid(uucp) but, rather, runs under the access controls of the
> invoking user to allow the kernel to enforce the access control
> privileges on a per user (i.e. per *uid*) basis.

I hope we're not the only ones who see the security risk in
not tying specific remote uucp system names to local accounts
where there is non-trusted shell access on the same system. :-)

Regards,

David

David Nugent - Unique Computing Pty Ltd - Melbourne, Australia
Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet
davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/