Predictable

Brandon S. Allbery allbery at ncoast.UUCP
Fri Nov 25 04:50:19 AEST 1988


In his article <120 at minya.UUCP> ["Re: Predictable"], jc at minya wrote:
+---------------
| Most people understand that it isn't quite fair to criticise a
| security package's failures when it is not running.  When they
| ask why sendmail needs to run with security suppressed, I just
| say "I don't know; its major competitor (uucp) doesn't require
| suppressing Unix security, and it runs fine."  
+---------------

Uucp, going through the password file (except on att.att.com, where it goes
through /usr/lib/uucp/Permissions and is even more secure as a result), has
plenty of security to play with.  But the network entry point to sendmail is
via a particular Internet port; while a random user cannot alter the shell
for another user in /etc/password and cannot replace /usr/lib/uucp/uucico
with another program (or so we hope), if the SMTP port weren't root-only
*any* user could arrange for their own program to listen on the SMTP port
and wreak all kinds of havoc on other systems.  Or at minimum could read
anyone's incoming net mail.  Fun, eh?

I'm not certain what to do about it, I'm not a network maven.  Except that
perhaps network ports should be handled the same way serial ports are; then
*any* (incoming) port could be used to handle mail, and the "shell" for the
port would be /usr/lib/sendmail.  (In fact, one could use the same password
file and thereby get SMTP over serial ports and an automatic "rlogin" (well,
maybe "telnet") mechanism on Inet ports.)  Remote mounts could log in to
rmountd, etc.

Anyone with a bit more knowledge about networking want to tell me what's
wrong with this?  What would break (yes, I know, *everything* at first --
but is there anything that absolutely depends on the current setup?) and
what would require a prohibitive amount of rewriting?  I'm just tossing out
random ideas; they may not be useable as is, but may contain ideas that
*can* be used in some other form....

++Brandon
-- 
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery  <PREFERRED!>	    ncoast!allbery at hal.cwru.edu
allberyb at skybridge.sdi.cwru.edu	      <ALSO>		   allbery at uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
      Send comp.sources.misc submissions to comp-sources-misc@<backbone>.



More information about the Comp.unix.wizards mailing list