Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site linus.UUCP
Path: utzoo!linus!smk
From: smk@linus.UUCP (Steven M. Kramer)
Newsgroups: net.unix-wizards
Subject: Re: Unix Security List
Message-ID: <117@linus.UUCP>
Date: Thu, 21-Jul-83 13:16:05 EDT
Article-I.D.: linus.117
Posted: Thu Jul 21 13:16:05 1983
Date-Received: Thu, 21-Jul-83 20:50:23 EDT
References: <3247@sri-arpa.UUCP>
Organization: MITRE Corp., Bedford MA
Lines: 22

OK -- there are many problems with UNIX.  We have 4.1 and have had security
problems in the past.  Let's start with mail.  Rather than give the
penetration scenarios, this list the fixes to mailing:
in /usr/src/cmd/mail.c: put a setuid(getuid()) before the call to delivermail.
/usr/src/cmd/delivermail/deliver.c: put a if(access(filename,2)!=0)return(CANTCREATE);
	before the fopen(filename,"a")
/usr/src/cmd/mail.c: make MAILMODE ~0600
/usr/src/cmd/ucbmail/lex.c: after the check for 'No mail for %s' do a stat
	and see if the file is empty.  If so, also print 'No mail for %s'
	and return(-1);
/usr/lib/Mail.rc : make sure 'set keep' is in (to truncate rather than delete
	null mail files from /usr/spool/mail.  Note this is because in 4.1
	close(creat) calls itrunc() in the OS and doesn't touch the directory,
	which bring us to the next and final step:)
/usr/spool/mail: make mode 711

Now, mail is secure for your machine.  Next step is uucp, but I haven't done
that fully yet.
-- 
--steve kramer
	{allegra,genrad,ihnp4,utzoo,philabs,uw-beaver}!linus!smk	(UUCP)
	linus!smk@mitre-bedford						(ARPA)