Re: Fwd: Multiple vendor 'Taylor UUCP' problems.
From: Andrey A. Chernov (ache@nagual.pp.ru)
Date: 09/09/01
- Next message: Kris Kennaway: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- Previous message: Andrey A. Chernov: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- In reply to: Kris Kennaway: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- Next in thread: Andrey A. Chernov: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 9 Sep 2001 06:04:26 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Kris Kennaway <kris@obsecurity.org>
On Sat, Sep 08, 2001 at 19:01:03 -0700, Kris Kennaway wrote:
> uucp binaries in question. uustat is executed by default by root in
> /etc/periodic.
uustat must be executed by 'su -m uucp' in any case.
> There are other consequences of the underlying vulnerability (full
> read/write access to the /var/spool/uucp directories, for example), so
It can't be fixed without total UUCP redesign, it is their problem, not
ours.
-- Andrey A. Chernov http://ache.pp.ru/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Kris Kennaway: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- Previous message: Andrey A. Chernov: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- In reply to: Kris Kennaway: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- Next in thread: Andrey A. Chernov: "Re: Fwd: Multiple vendor 'Taylor UUCP' problems."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
