Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!nntp.coast.net!zombie.ncsc.mil!news.mathworks.com!fu-berlin.de!zrz.TU-Berlin.DE!zib-berlin.de!news.tu-chemnitz.de!irz401!uriah.heep!news From: j@uriah.heep.sax.de (J Wunsch) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Q: File permissions changed in 2.1? Date: 7 Jan 1996 11:05:49 GMT Organization: Private BSD site, Dresden Lines: 22 Message-ID: <4co9ed$8cb@uriah.heep.sax.de> References: <4cn5q3$7vd@pilhuhn.pilhuhn.de> Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) NNTP-Posting-Host: localhost.heep.sax.de Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: knews 0.9.3 pmh@pilhuhn.de (Patrick M.Hausen) writes: > After installing 2.1 I found that cu, for example, is world executable and > setuid uucp. The same with uucico. I don't think this is a good idea, since > now any user can dial out. If I remember correctly, in 2.0.5 only users in > group dialer could invoke cu or uucico. I don't remember, if this was via > the /dev/cua* or /usr/bin/cu's permissions, though. (and I don't have my > cdrom handy) It's done via group permissions of /dev/cua*. Make the cua's 0660, and cu will only allow you accessing the device if your are root or a member of group dialer. cu and uucico must be setuid uucp in order to read the configuration files under /etc/uucp (some of them are owned by uucp and perm 0600). -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)