Date: Sun, 9 Sep 2001 06:01:44 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Kris Kennaway <kris@obsecurity.org> Cc: "Todd C. Miller" <Todd.Miller@courtesan.com>, Matt Dillon <dillon@earth.backplane.com>, Jordan Hubbard <jkh@FreeBSD.ORG>, security@FreeBSD.ORG, audit@FreeBSD.ORG Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. Message-ID: <20010909060144.B34519@nagual.pp.ru> In-Reply-To: <20010908185602.B5619@xor.obsecurity.org> References: <5.1.0.14.0.20010908153417.0286b4b8@192.168.0.12> <200109082103.f88L3fK29117@earth.backplane.com> <20010908154617.A73143@xor.obsecurity.org> <20010908170257.A82082@xor.obsecurity.org> <20010908174304.A88816@xor.obsecurity.org> <20010909045226.A33654@nagual.pp.ru> <20010908180848.A94567@xor.obsecurity.org> <200109090120.f891KvM14677@xerxes.courtesan.com> <20010909054457.A34319@nagual.pp.ru> <20010908185602.B5619@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Sat, Sep 08, 2001 at 18:56:02 -0700, Kris Kennaway wrote: > > That doesn't protect NFS-mounted systems, and doesn't prevent Don't have ideas about NFS. Is schg not works there? > arbitrary users from reading/modifying the UUCP spool files. It is bad design of UUCP, it is not our problem. Moreover, it can't be fixed easily without total UUCP redesign. See my prev. message explaining it more. -- Andrey A. Chernov http://ache.pp.ru/ [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQCVAwUBO5rNiOJgpPLZnQjrAQENHQP7BVdBvd1NFKrGNyo7J9NOaEa0gN+810OI wj2bUrvGlDD/Q5wJAVwzxzxKcVwLaWEuO/3zGDp8yu3XZQsoHWYH4LdUdbYFmWCn vWdyKWxMbNBvATPblHt2GSQ/iHLZthMnCzlKPdQlF+d10Wi8Bup09GgRqkQOgolV +zCwVw7PqbE= =4hb3 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010909060144.B34519>