Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 8 Sep 2001 19:50:37 -0700
From:      Gregory Neil Shapiro <gshapiro@FreeBSD.ORG>
To:        security@FreeBSD.ORG
Subject:   Re: Fwd: Multiple vendor 'Taylor UUCP' problems. 
Message-ID:  <15258.55549.285245.769691@horsey.gshapiro.net>
In-Reply-To: <200109090243.f892hID99147@cwsys.cwsent.com>
References:  <5.1.0.14.0.20010908222654.060f1ea8@192.168.0.12> <200109090243.f892hID99147@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Cy.Schubert> How about the following solution?  Install the UUCP binaries
Cy.Schubert> without the setuid bit set and ship a script that would enable
Cy.Schubert> UUCP (turn on setuid/setgid bits) for sites that need it.  Of
Cy.Schubert> course the script would print an appropriate warning that
Cy.Schubert> enabling UUCP could lead to compromise.

Also, at the very least, Jordon may approve of this diff for RELENG_4 for
4.4.  There is no reason for non-UUCP systems (probably most of them out
there) to run these anyway.

Index: periodic.conf
===================================================================
RCS file: /src/FreeBSD/cvsrepo/src/etc/defaults/periodic.conf,v
retrieving revision 1.7.2.8
diff -u -u -r1.7.2.8 periodic.conf
--- periodic.conf	2001/07/28 11:44:22	1.7.2.8
+++ periodic.conf	2001/09/09 02:49:20
@@ -89,14 +89,14 @@
 daily_news_expire_enable="YES"				# Run news.expire
 
 # 340.uucp
-daily_uuclean_enable="YES"				# Run uuclean.daily
+daily_uuclean_enable="NO"				# Run uuclean.daily
 
 # 400.status-disks
 daily_status_disks_enable="YES"				# Check disk status
 daily_status_disks_df_flags="-k -t nonfs"		# df(1) flags for check
 
 # 410.status-uucp
-daily_status_uucp_enable="YES"				# Check uucp status
+daily_status_uucp_enable="NO"				# Check uucp status
 
 # 420.status-network
 daily_status_network_enable="YES"			# Check network status
@@ -149,7 +149,7 @@
 weekly_clean_kvmdb_verbose="YES"			# Mention files deleted
 
 # 300.uucp
-weekly_uucp_enable="YES"				# Clean uucp weekly
+weekly_uucp_enable="NO"					# Clean uucp weekly
 
 # 310.locate
 weekly_locate_enable="YES"				# Update locate weekly

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15258.55549.285245.769691>