Bugtraq mailing list archives
Re: uucp --config patch -- not sufficient
From: zen-parse <zen-parse () gmx net>
Date: Mon, 21 Jan 2002 21:38:54 +1300 (NZDT)
On Sun, 20 Jan 2002, Charles 'core' Stevenson wrote:
On debian the uucp and uux binaries are owned by the uucp user. ...
On OpenBSD it is (was?) even easier (assuming uucp is installed.) The daily cron job would uustat as root, which also belonged to uucp. Some more information: There is apparently an official patch on the way. On Wed, 16 Jan 2002, Ian Lance Taylor <ian () airs com> wrote:
I'm working on a new release to correct the security problem, although it will probably take me a couple of weeks to get everything organized.
-- zen-parse PS: Something I've learned from this: Try contact the program creator as well as vendors with problems, if possible. It might've got this sorted out a bit better. -- ------------------------------------------------------------------------- 1) If this message was posted to a public forum by zen-parse () gmx net, it may be redistributed without modification. 2) In any other case the contents of this message is confidential and not to be distributed in any form without express permission from the author. This document may contain Unclassified Controlled Nuclear Information.
Current thread:
- uucp --config patch -- not sufficient zen-parse (Jan 18)
- Re: uucp --config patch -- not sufficient Charles 'core' Stevenson (Jan 21)
- Re: uucp --config patch -- not sufficient zen-parse (Jan 21)
- Re: uucp --config patch -- not sufficient Charles 'core' Stevenson (Jan 21)