COPS security audit and the unix pc. (and kermit)
Andy Fyfe
andy at cs.caltech.edu
Wed Mar 27 12:47:22 AEST 1991
In article <1991Mar26.225255.6048 at ferret.ocunix.on.ca> clewis at ferret.ocunix.on.ca (Chris Lewis) writes:
>In article <1991Mar23.004007.2024 at shibaya.lonestar.org> afc at shibaya.lonestar.org (Augustine Cano) writes:
>>One directory that CANNOT be treated in this manner is /usr/spool/uucp.
>>I tried it and kermit couldn't then set or clear locks.
>>This one has to be ignored; as I said above certain programs might not be
>>able to access locks if this is changed.
>
>The real solution is to fix Kermit. Or use HDB (where the lock directory
>can be made world writable but not everything else)
Recent versions of kermit can be make setuid. On my system, kermit is
setuid uucp, and /usr/spool/uucp is owned by uucp. Kermit has no trouble
making and removing locks. It is also quite paranoid about permissions,
so it's fairly safe as far as setuid programs go. The current version,
5A(166), is available on csvax.cs.caltech.edu in the directory pub/3b1
(for those who have anonymous ftp). A possibly-not-quite-so-up-to-date
version is available in the OSU archives (as kermit2).
Andy Fyfe andy at cs.caltech.edu
More information about the Comp.sys.3b1
mailing list