REMOTE REJECT Failure (also anonymous uucp)
James Van Artsdalen
james at bigtex.uucp
Wed Aug 17 13:17:23 AEST 1988
In article <209 at alobar.ATT.COM>, grs at alobar.UUCP (Gregg Siegfried) wrote:
> [ /usr/lib/uucp/remote.unknown ]
> This can be overridden by making this file unexecutable. So a
> chmod 600 remote.unknown should allow anyone to uucp into your system.
> Note that this is greatly reducing the builtin HDB security, but judicious
> use of the Permissions file can help make up for it.
If you give each uucp neighbor a separate login and use the VALIDATE=
keyword in the permissions file, I think there is little danger from
an anonymous uucp login. READ=, NOWRITE= and PUBDIR= also can help.
I have tested that on the bigtex anonymous uucp login, and it appears
impossible to for someone to claim to by system "juniper" without
logging in under "ujuniper" with the correct password - the nuucp
login cannot be used.
I also recommend using COMMANDS= to point rmail to something other
than /bin/rmail, so that people can send mail, but not out into the
net.
--
James R. Van Artsdalen ...!uunet!utastro!bigtex!james "Live Free or Die"
Home: 512-346-2444 Work: 328-0282; 110 Wild Basin Rd. Ste #230, Austin TX 78746
More information about the Comp.unix.wizards
mailing list