Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site gitpyr.UUCP
Path: utzoo!linus!gatech!gitpyr!robert
From: robert@gitpyr.UUCP (Robert Viduya)
Newsgroups: net.wanted
Subject: C-Kermit on a 3B2 - secure line locking
Message-ID: <660@gitpyr.UUCP>
Date: Fri, 16-Aug-85 19:01:39 EDT
Article-I.D.: gitpyr.660
Posted: Fri Aug 16 19:01:39 1985
Date-Received: Mon, 19-Aug-85 08:14:00 EDT
Organization: Georgia Tech, Atlanta
Lines: 32
Keywords: kermit uucp line locking

I just recently got C-Kermit 4C(055) and brought it up on a 3B2 running
System V Rel 2.  I'm trying to use it on a line that uucp also uses and
I'm not sure how to do this without making a potential security problem
and still giving ordinary users full access to the line.  I don't want
to modify the code.  That leaves me with a two other solutions: 1) make
kermit setuid to something (it doesn't handle this correctly (i.e. no
'setuid (getruid ())' or equivalent), so this isn't a valid solution)
and 2) make the tty line as well as /usr/spool/locks readable and writable
by everyone (nasty if someone decides to get malicious).  I'm not too
concerned about the 3B2, since I know/trust all the users on it (it's
a intra-departmental machine), but I'll soon be bringing up the same
kermit on a couple of 3B20s that's open to the whole campus and I'd like
to solve the security problem first.

About two or three months ago, there was a discussion on this very topic
in fa.info-kermit which I, silly me, neglected to pay attention to.  Now
I need the information.  Does anyone have an archive of those messages
and is willing to send me a copy?

Or, if you have any information on how to solve the problem, could you
send me some mail?

Thanks in advance...

					robert
-- 
Robert Viduya							01111000
Georgia Institute of Technology

UUCP:   {akgua,allegra,amd,hplabs,ihnp4,masscomp,ut-ngp}!gatech!gitpyr!robert
        {rlgvax,sb1,uf-cgrl,unmvax,ut-sally}!gatech!gitpyr!robert
BITNET:	CCOPRRV @ GITVM1