Xref: utzoo comp.mail.misc:2280 comp.mail.uucp:3438
Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.milw.wisc.edu!cs.utexas.edu!tut.cis.ohio-state.edu!rutgers!bellcore!att!chinet!les
From: les@chinet.chi.il.us (Leslie Mikesell)
Newsgroups: comp.mail.misc,comp.mail.uucp
Subject: Re: How do you "kill" a message in uucp?
Summary: no way to check security
Message-ID: <9237@chinet.chi.il.us>
Date: 11 Aug 89 04:53:26 GMT
References: <119830@sun.Eng.Sun.COM> <312@galadriel.bt.co.uk> <120415@sun.Eng.Sun.COM>
Reply-To: les@chinet.chi.il.us (Leslie Mikesell)
Followup-To: comp.mail.misc
Organization: Chinet - Public Access Unix
Lines: 29

In article <120415@sun.Eng.Sun.COM> argv@sun.UUCP (Dan Heller) writes:
[ ..remote uustat server to kill jobs..]

>> How would you specify the message that you wanted to kill ? And if you
>> could then how would you stop other people blatting your outgoing mail ?

>Uucp just sent you a message saying, "to kill the mail, issue the command
>uustat -k..."  Well, you simply mail that same job number to the uustat
>server.  If the job is still queued, it has the envelope for the message
>going out -- just check that address against yours and verify that they
>are the same. 

The problem here is that it is trivial to fake authorship of uucp
mail.  SysV mail uses the environment variable LOGNAME as the
sender, so:
LOGNAME=you mail somewhere!someone
is all it takes.

>Further, the uustat server could also reply to queries about what's in its
>queue -- that way, you could check on things that are outgoing from that site.

This might be the ticket. Receiving mail is fairly secure, so if the uustat
server mailed you back a magic cookie id that couldn't be obtained any other
way, knowing that id could allow you to delete the job.  If you fake the
sender's name on the outgoing message, the real user will get the returned
information. The normal uustat id number would not work as well, since it
can be obtained by anyone with access to the machine.

Les Mikesell