Major security problem in the UA: looking for a real fix
Brant Cheikes
brant at manta.UUCP
Sun Feb 14 05:35:23 AEST 1988
In article <114 at hodge.UUCP> rusty at hodge.UUCP (Rusty Hodge) writes:
>Let's face it: the UA is *evil*. Get rid of it. Hide it in a nested
>directory and take away its execute privledges. Make it go away.
For those who don't need to give ua access to "non-trusted" users, the
simplest solution seems to be:
1. Create a new group in /etc/group, say "guest".
2. Put all non-trusted users in the guest group (all "trusted"
users remain in the "users" group)
3. chgrp users /usr/bin/ua
4. chmod o-rwx /usr/bin/ua
Now, only the superuser and members of the "users" group can execute
the user agent.
--
Brant Cheikes
University of Pennsylvania
Department of Computer and Information Science
ARPA: brant at linc.cis.upenn.edu, UUCP: ...drexel!manta!brant
More information about the Unix-pc.general
mailing list