Date: Mon, 02 Jun 1997 09:19:54 +1000 From: David Nugent <davidn@labs.usn.blaze.net.au> To: Don Yuniskis <dgy@rtd.com>, freebsd-hackers@freebsd.org Subject: Re: uucp uid's Message-ID: <199706012319.JAA02110@labs.usn.blaze.net.au> In-Reply-To: Your message of "Sat, 31 May 1997 10:49:57 MST." <199705311749.KAA03280@seagull.rtd.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Where !~= translates into ``not necessarily equal''. You can track of > > the different accounts even if they have the same UID. As i wrote > > earlier, the only thing that is recording by UID is the process > > And the basic access control mechanisms inherent in UN*X. You > can, for example, create another copy of uucico that doesn't > suid(uucp) but, rather, runs under the access controls of the > invoking user to allow the kernel to enforce the access control > privileges on a per user (i.e. per *uid*) basis. I hope we're not the only ones who see the security risk in not tying specific remote uucp system names to local accounts where there is non-trusted shell access on the same system. :-) Regards, David David Nugent - Unique Computing Pty Ltd - Melbourne, Australia Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706012319.JAA02110>