Hard Links between UNIX Utility Programs
Bob Hoffman
hoffman at pitt.UUCP
Sat Jul 30 04:53:41 AEST 1988
In article <185 at chip.UUCP> mparker at chip.UUCP (M. D. Parker) writes:
>... I want to prevent users from
>examining the mailq using the /usr/ucb/mailq program
I believe it can be done by setting protections and group-IDs
carefully. First of all, I think it's safe to assume that you
don't want any of your users executing /usr/lib/sendmail directly
for any reason. Sendmail is normally invoked by the users' mail
agent, e.g. /bin/mail, /usr/ucb/Mail, etc. I propose a way of
restricting execution of /usr/lib/sendmail without losing any
functionality for the users sending or receiving mail or for the
administration of the mail facility.
1. Create a group in /etc/group called 'mail' that includes the
system manager.
mail::7:root
2. Change the group ID and protection on /usr/lib/sendmail (and its
links, newaliases and mailq) so that only group 'mail' can execute it:
-rwsr-x--- 2 root mail 112640 Mar 27 15:33 /usr/lib/sendmail
3. Change the group ID and set-GID bits on each mail user agent and any other
program that might have need to call sendmail:
-rwsr-sr-x 1 root mail 41984 Dec 30 1987 /bin/mail
-rwxr-sr-x 1 root mail 14336 Jun 6 1986 /bin/rmail
-rwxr-sr-x 1 root mail 185344 Jun 7 13:08 /usr/local/bin/elm
-rwxr-sr-x 2 root mail 74752 Dec 31 1987 /usr/ucb/Mail
4. Finally, make sure /usr/spool/mqueue is not world-readable:
drwxrwx--- 2 root mail 2048 Jul 29 14:50 /usr/spool/mqueue/
I believe this will do as Mr. Parker asks. Have I overlooked anything?
--
Bob Hoffman, N3CVL {allegra, bellcore, cadre, idis, psuvax1}!pitt!hoffman
Pitt Computer Science hoffman at vax.cs.pittsburgh.edu
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list