COPS security audit and the unix pc. (and kermit)

Andy Fyfe andy at
Wed Mar 27 12:47:22 AEST 1991

In article <1991Mar26.225255.6048 at> clewis at (Chris Lewis) writes:
>In article <1991Mar23.004007.2024 at> afc at (Augustine Cano) writes:
>>One directory that CANNOT be treated in this manner is /usr/spool/uucp.
>>I tried it and kermit couldn't then set or clear locks.
>>This one has to be ignored; as I said above certain programs might not be
>>able to access locks if this is changed.
>The real solution is to fix Kermit.  Or use HDB (where the lock directory
>can be made world writable but not everything else)

Recent versions of kermit can be make setuid.  On my system, kermit is
setuid uucp, and /usr/spool/uucp is owned by uucp.  Kermit has no trouble
making and removing locks.  It is also quite paranoid about permissions,
so it's fairly safe as far as setuid programs go.  The current version,
5A(166), is available on in the directory pub/3b1
(for those who have anonymous ftp).  A possibly-not-quite-so-up-to-date
version is available in the OSU archives (as kermit2).

Andy Fyfe					andy at

More information about the Comp.sys.3b1 mailing list