Dear All,
I asked why /usr/bin/mh/inc and /usr/bin/mh/msgchk need to be setuid
(prompted by a report from Lamont Granquist that inc has a security
hole).
Thanks to Dan Riley and Mike Iglesias who made very similar
comments. I'll quote Dan Riley:
> As far as I know, inc and msgchk are setuid just so they can open a
> privileged port for the "rpop" protocol, which is basically pop with
> rsh/rlogin style trusted port authentication. If you aren't using
> rpop (e.g. if you have a locally visible mail spool area), then you
> can safely remove the suid bit.
Our mail spool area is NFS-mounted (I know this is said to be
unreliable, but it seems to work OK here), so I have gone ahead and
removed the setuid bit from inc and msgchk. No complaints so far: if
anyone squeals I will send another summary.
Bob
==============================================================
Bob Vickers R.Vickers_at_dcs.rhbnc.ac.uk
Dept of Computer Science, Royal Holloway, University of London
WWW:
http://www.cs.rhbnc.ac.uk/home/bobv
Phone: +44 1784 443691
Received on Tue Jan 26 1999 - 17:05:01 NZDT