mp@mit-eddie.UUCP (Mark Plotnick) (07/26/83)
Well, it's finally happened; someone discovered that /usr/spool/uucp is writable, and went deleting some requests and editing the LOGFILE. Does anyone have some fixes that will allow uucp to have (1) a nonwritable spool directory, (2) nonwritable spool files, and (3) (preferably) nonreadable spool files? A partial solution to #2 is to just make the various uucp programs (uux, uucp, and uucico) run with a umask of 002 or 022. Also make sure that they really run as uucp and not root (if you run 4.1bsd, turn on the MELB flag in your kernel makefile so that setuid bits are honored even for root). As for the other two items, the problem is that the uucp that comes with 4.1bsd treats the spool directory as any other directory, i.e. it won't write in it unless it's mode 777, and the files have to be publically readable. Mark