The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #269 [~uucp/.forward] (1 message, 431 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/269.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: page@swan.ulowell.edu (Bob Page)
To: phage
Date: Fri 11:50:24 18/11/1988 EST
Subject: ~uucp/.forward
References: [Thread Prev: 264] [Thread Next: 271] [Message Prev: 267] [Message Next: 281]

   make the home directory for all uucp logins /usr/lib/uucp,
   not /usr/spool/uucppublic.

Couldn't a UUCP neighbor grab stuff in /usr/lib/uucp, or scribble over
any existing files (like L.sys)?  I'm assuming uucp owns /usr/lib/uucp.
Am I missing something?

   In general, any directory that is world writable should never be a home
   directory for any login.

Agreed.

..Bob

END OF DOCUMENT