Practical UNIX & Internet Security

Practical UNIX & Internet SecuritySearch this book
Previous: 15.5 Security in BNU UUCPChapter 15
UUCP
Next: 15.7 Early Security Problems with UUCP
 

15.6 Additional Security Concerns

UUCP is often set up by UNIX vendors in ways that compromise security. In addition to the concerns mentioned in earlier sections, there are a number of other things to check on your UUCP system.

15.6.1 Mail Forwarding for UUCP

Be sure when electronic mail is sent to the uucp user that it is actually delivered to the people who are responsible for administering your system. That is, there should be a mail alias for uucp that redirects mail to another account. Do not use a .forward file to do this. If the file is owned by uucp, the file could be altered to subvert the UUCP system. Instead, use whatever other alias mechanism is supported by your mailer.

15.6.2 Automatic Execution of Cleanup Scripts

The UUCP system has a number of shell files that are run on a periodic basis to attempt to redeliver old mail and delete junk files that sometimes accumulate in the UUCP directories.

On many systems, these shell files are run automatically by the crontab daemon as user root, rather than user uucp. On these systems, if an attacker can take over the uucp account and modify these shell scripts, then the attacker has effectively taken over control of the entire system; the next time crontab runs these cleanup files, it will be executing the attacker's shell scripts as root!

You should be sure that crontab runs all uucp scripts as the user uucp, rather than as the user root. However, the scripts themselves should be owned by root, not uucp, so that they can't be modified by people using the uucp programs.

If you are running an ancient version of cron that doesn't support separate files for each account, or that doesn't have an explicit user ID field in the crontab file, you should use a su command in the crontab file to set the UID of the cleanup process to that of the UUCP login. Change:

0 2 * * * /usr/lib/uucp/daily 

to:

0 2 * * * su uucp -c /usr/lib/uucp/daily 

On somewhat newer crontab systems that still don't support a separate crontab file for each user, change this:

0 2 * * * root /usr/lib/uucp/daily 

to:

0 2 * * * uucp /usr/lib/uucp/daily 

If you are using System V, the invocation of the daily shell script should be in the file /usr/spool/cron/crontabs/uucp, and it should not be in the file /usr/spool/cron/crontabs/root.


Previous: 15.5 Security in BNU UUCPPractical UNIX & Internet SecurityNext: 15.7 Early Security Problems with UUCP
15.5 Security in BNU UUCPBook Index15.7 Early Security Problems with UUCP