Date: Sat, 8 Sep 2001 20:49:15 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Kris Kennaway <kris@obsecurity.org> Cc: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, Mike Tancsa <mike@sentex.net>, "Andrey A. Chernov" <ache@nagual.pp.ru>, security@FreeBSD.org Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. Message-ID: <20010908204915.A24987@xor.obsecurity.org> In-Reply-To: <20010908195126.A13080@xor.obsecurity.org>; from kris@obsecurity.org on Sat, Sep 08, 2001 at 07:51:26PM -0700 References: <5.1.0.14.0.20010908222654.060f1ea8@192.168.0.12> <200109090243.f892hID99147@cwsys.cwsent.com> <20010908195126.A13080@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--XsQoSWH+UP9D9v3l Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Sep 08, 2001 at 07:51:26PM -0700, Kris Kennaway wrote: > On Sat, Sep 08, 2001 at 07:42:52PM -0700, Cy Schubert - ITSD Open Systems= Group wrote: >=20 > > How about the following solution? Install the UUCP binaries without=20 > > the setuid bit set and ship a script that would enable UUCP (turn on=20 > > setuid/setgid bits) for sites that need it. Of course the script would= =20 > > print an appropriate warning that enabling UUCP could lead to=20 > > compromise. >=20 > No, if we're going to do that (install binaries by default which are > useless by default) then we might as well just make it a port. I'm > almost done with that..I should be ready to commit in half an hour or > so (I won't be removing uucp yet). Okay, I've committed a first cut of the freebsd-uucp port. Anyone who makes use of uucp, please test this and let me know if there's anything else I should be doing to smooth the transition path from the base system version. Since I don't use UUCP, I might be missing something. Once people are happy with the port, I'll remove the uucp stuff from the base system (leaving cu behind, probably) Kris --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7mua7Wry0BWjoQKURAk0NAKCKXD98L8N5I2lDvTDCO9LvtPWQQACgh26f 051shBxomwa2VjtA4GfM3mI= =B8S0 -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010908204915.A24987>