|
Previous | Table of Contents | Next |
Now that the Device and Systems entries are configured and verified, the next step is to examine the security of the UUCP system. The normal user account protections are still in place with most UUCP accounts. One account that deviates from standard security is anonymous UUCP access, if you allow it. The login/password combination may differ from normal protection mechanisms. For this and other reasons, you should always configure your UUCP accounts to include passwords: This makes it harder for the bad guys to break into your system through UUCP. The standard issues surrounding passwords should still be considered, however.
The structure of the Permissions file enables you to control which authorizations are given to the remote system when that system calls you, and also which authorizations you have when you call a remote system. As an administrator, you may choose to use only the default values for each of the fields in the file. A sample Permissions file entry appears here:
LOGNAME=choreo \ REQUEST=yes \ SENDFILES=yes \ READ=/ \ NOREAD=/etc \ WRITE=/tmp:/usr/tmp:/usr/spool/uucppublic \ CALLBACK=no \ COMMANDS=ALL
The backslashes on each line indicate that the line continues as if it were all on one line. This example does not include all of the options, and this in a non-default entry. (Each option is explained shortly.) The default permissions associated with a login are shown as follows:
Default Permissions READ=/usr/spool/uucppublic WRITE=/usr/spool/uucppublic REQUEST=no SENDFILES=call COMMANDS=rmail
Each entry must have either a LOGNAME or MACHINE option, or both. The LOGNAME option indicates that this entry is used when the system calls in and logs in using the logname specified. MACHINE entries are for when users on your system CALL the remote machine, and not for when the remote machine calls you: that is covered by LOGNAME. LOGNAME and MACHINE entries may be combined, but they dont have to be. However, if you want complete control over systems that access your machine using UUCP, separate login ids and combined LOGNAME/MACHINE entries are necessary in the Permissions file. All of the keyword options that can be used are defined in table 3.5. The L in the CLASS column indicates that the option applies to LOGNAME entries. M is for MACHINE entries, and both means that the option is applicable to both.
Option | Class | Definition |
---|---|---|
LOGNAME | L | Specifies the login ids for remote sites that access the local site. LOGNAME=thumper LOGNAME=thumper:wabbit |
MACHINE | M | When the named machine calls your computer, this option specifies the conditions that are in effect. MACHINE=wabbit MACHINE=wabbit:bugs |
REQUEST | M, L | This option determines whether the remote system can set up UUCP transfers from your computer system. Allowable values are yes or no. REQUEST=no REQUEST=yes |
SENDFILES | L | The value of this option determines whether the called site can execute locally queued jobs during a session. A value of yes means that your system may send jobs queued for the remote site as long as it is logged in using one of the names specified in the LOGNAME field. The default value is call, which means that the queued files are sent only when the local system calls the remote system. SENDFILES=yes SENDFILES=call |
READ | M, L | Names the directories that uucico can read from when requesting files. The default is to use /usr/spool/uucppublic. Multiple directories can be named by putting colons between directory names. READ=/tmp:/usr/tmp:/usr/spool/uucppublic READ=/ |
NOREAD | M, L | Names the directories that are to be excluded from the READ list. NOREAD=/etc |
WRITE | M, L | Names the directories that uucico can write to for depositing files. As with READ, the default directory is/usr/spool/uucppublic. WRITE=/tmp:/usr/tmp:/usr/spool/uucppublic WRITE=/ |
NWRITE | M, L | Identifies the directories that are excluded in the WRITE list. NOWRITE=/etc:/bin:/usr/bin |
CALLBACK | L | Setting this value to yes instructs the local system to call the calling system back before allowing any work to be done. This is a good feature for enhanced security. Just make sure you dont set both systems to CALLBACK=yes, or nothing will get done. CALLBACK=no CALLBACK=yes |
COMMANDS | M | Defines the commands that the remote system can execute locally. The defaults are different from system to system, and are defined in the source code for uuxqt. Multiple commands can be listed by separating each with a colon. The keyword ALL is allowable and permits the use of all commands. Keep in mind, however, that this is a security problem. Do not include uucp as a command, unless you will allow other users to route UUCP jobs through your machine. COMMANDS=rmail COMMANDS=rmail:rnews:uucp COMMANDS=ALL |
VALIDATE | L | Helps validate the calling system when potentially dangerous commands are executed. The value is a list of system names that are permitted to use this logname. Multiple names may be used. VALIDATE=unilabs VALIDATE=unilabs:wabbit |
MYNAME | M | Used to circumvent the name length restrictions that were discussed earlier. Note, however, that MYNAME is used only when the local machine calls out, and not when a remote machine calls in. MYNAME=testdrive |
PUBDIR | M, L | Specifies the name of the directory used for the public UUCP directory. Typically this is /usr/spool/uucppublic. PUBIDR=/usr/ftp |
Keep in mind the following rules when defining Permissions entries for systems:
Some sample Permissions entries are shown as follows:
# # For ANONYMOUS LOGINS # LOGNAME=nuucp # With this entry, any machine that calls in and logs in using the # login name nuucp will use this LOGNAME entry, which sets the # default values for the remote machine. # # For dealing with wabbit - AT&T 7300 # LOGNAME=wabbit \ MACHINE=wabbit \ REQUEST=yes \ SENDFILES=yes \ READ=/ \ NOREAD=/etc \ WRITE=/tmp:/usr/tmp:/usr/spool/uucppublic \ COMMANDS=ALL # This entry is used when wabbit logs in to your machine, or when # you call wabbit. In both cases, the permissions are extensive and # very liberal. If you manage both machines, this shouldnt be a # problem. Notice that even though wabbit can read files from any # directory, access to /etc/ has been explicitly blocked off to # prevent the retrieval of the password file.
Previous | Table of Contents | Next |