Path: utzoo!attcan!uunet!mcvax!unido!nixpbe!mboen
From: mboen@nixpbe.UUCP (Martin Boening)
Newsgroups: comp.mail.uucp
Subject: Uucp Security
Keywords: I/O Redirection
Message-ID: <140@nixpbe.UUCP>
Date: 1 Dec 88 13:00:27 GMT
Organization: Nixdorf Computer AG, Paderborn, Germany
Lines: 30

Recently I had a problem with two Suns connected via direct link using
uucp. Any kind of I/O-Redirection didn't work. Things like

uux - "remotesys!command" < inputfile

resulted in XQT DENIED on the remote system as did things like

uux "remotesys!command < !inputfile"

(L.cmds allowed the command and it worked fine if no redirection occurred
anywhere in the uux command.)

When I called at Sun and asked about this, I was told that for security
reasons I/O-Redirection had been eliminated from the uucp supplied by
Sun. I couldn't get a more specific description from them.

My question now is, why does stuffing the standard input for uux into the
standard input of the invoked remote command pose a security problem?
Why, indeed, does any redirection of standard input for the remote command
to a file on the local (invoking) system pose a risk? (Especially since
execution of a shell is not allowed by L.cmds.)

Any helpful hints are appreciated, as we are doing some work on security
at the moment. (flames, however, will be copied to /dev/null)

Thanks a lot

Martin:

Email: mboen@nixpbe.UUCP