Broken rnews permissions

Olaf Titz olaf at bigred.inka.de
Thu Nov 30 20:13:32 UTC 2000


> >Is 2550, owned by uucp, setgid to group news a better way of doing UUCP
> >rnews?  I'd prefer it if it works as well.

Giving permissions based on set-GID rather than set-UID is usually the
better choice. Of course this means that all local permissions in INN
have to be GID-based (e.g. the UNIX socket, the temp directories, etc.
all have to be 770 or 660).

IIRC that is also the traditional setting for inews and rnews in older
versions of INN.

> -r-xr-s---    1 uucp     news       325316 Jan  5  1999 rnews*
>
> However this will break on systems where uuxqt is run setgid uucp,
> and according to Murphy such systems exist.

Only if uuxqt is run setgid uucp but under a UID other than uucp, and
I don't think this is ever the case (it's invoked either from uucp's
crontab or from uucico, and that has to be setuid uucp).

Olaf




More information about the inn-workers mailing list