Date: Sat, 08 Sep 2001 19:42:52 -0700 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Mike Tancsa <mike@sentex.net> Cc: "Andrey A. Chernov" <ache@nagual.pp.ru>, security@FreeBSD.ORG Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. Message-ID: <200109090243.f892hID99147@cwsys.cwsent.com> In-Reply-To: Your message of "Sat, 08 Sep 2001 22:29:13 EDT." <5.1.0.14.0.20010908222654.060f1ea8@192.168.0.12>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <5.1.0.14.0.20010908222654.060f1ea8@192.168.0.12>, Mike Tancsa write s: > At 06:16 AM 9/9/2001 +0400, Andrey A. Chernov wrote: > > > > I think it's finally time to make UUCP into a port: I'll work on that > > > later tonight. > > > >Maybe. It is rarely enough used nowdays to deserve that. > > > For mail delivery to non permanently connected sites, its a damn site > better than ETRN or pop3. That being said, we have no more than 10 > customers using it still.... How about the following solution? Install the UUCP binaries without the setuid bit set and ship a script that would enable UUCP (turn on setuid/setgid bits) for sites that need it. Of course the script would print an appropriate warning that enabling UUCP could lead to compromise. Could not a UUCP based mail delivery system run in a jailed environment? How about fetchmail? Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD Ministry of Management Services Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109090243.f892hID99147>