weave@brahms.udel.edu (Ken Weaverling) (01/17/91)
Just got the latest cops package and installed it on my system. It pointed
out quite a few things, some of which I have questions on why...
First, the prelims. The systems are AT&T Sys V/386 boxes. These boxes are
NOT on the net yet, the account I'm posting on is a student account at the
U of Del. (So if I have a glaring problem, don't think you can exploit it! :-)
1) Disk devices world readable. I can understand why this is a problem. I
have already changed this but was wondering why the manufacturer (Prime)
shipped it with the disk devices as 644...
2) "uudecode creates set uid files" OK, I checked this and it will create
a 4755 file, but owned by me. (uudecode is NOT setuid to uucp). Why is
this a problem? I got source to uude/encode from uunet a year or two
ago and compiled it. It isn't a vendor supplied program on this box.
3) /usr/spool/uucp and /usr/spool/uucppublic are 777... OK, this looks
weird even to a thick person like me. But this is how it was shipped.
Is there a reason to the madness here? All programs that I can think
of that need to get in there (uucico, uux, etc) are setuid to uucp,
so I see no need for it to be 777. Would changing to 775 or 770 break
anything (I am running HDB uucp...)
I really appreciate this program. Being forced to be a jack-of-all-trades
(admin for UNIX, PRIMOS, MS/DOS, and MACINTOSH networks) I really appreciate
any help available.
Thanks for any help (and happy World War III -- let's pray it's a quick
and not too bloody one and that some good will come out of this in the end...)
--
>>>---> Ken Weaverling >>>----> weave@brahms.udel.edu
steve@archone.tamu.edu (Steve Rikli) (01/18/91)
Sorry to waste bandwidth, but where can we get the cops package via ftp?
Steve Rikli steve@archone.tamu.edu
df@sei.cmu.edu (Dan Farmer) (01/18/91)
In article <11306@helios.TAMU.EDU> steve@archone.tamu.edu (Steve Rikli) writes:
>Sorry to waste bandwidth, but where can we get the cops package
>via ftp?
My personal stash of version 1.02 is at cert.sei.cmu.edu/128.237.253.5,
in ~ftp/pub/cops/1.02 (or 1.01 if you like old code); version 1.01 is
available on uunet.uu.net, etc. Version 1.03, which will include a full
rewrite in perl (as well as the shell sources), will be sent to
comp.unix.sources in the next month or two.
-- dan