-->On Thu, 24 Sep 92 10:45:34 EDT, smb @
Brian> Brian Utterback writes:
> CERT recommends restricting the protocols for :
> uucpd (540)
Brian> Can somebody explain why this would be on the list? I've been
Brian> through the uucpd code and didn't see anything particularly
Brian> problematic with it. Am I missing something?
>From the man page uucpd(1)
This daemon acts as a login server to start UUCP connec-
tions. First, it prompts with the word ``login:'' and waits
for the login name to be given. If there is a password for
the account (as is advisable), this is prompted for and
checked. The account used must have the login shell set to
/usr/lib/uucp/uucico to be considered valid for this type of
Once a valid login has been established, the command
/usr/lib/uucp/uucico is executed to begin the UUCP session.
If you don't want uucp connections you should definitely turn this
off. I don't know how dangerous uuxqt's are, but you could be
vulnerable to a loss of service type attack if someone started dumping
huge files into your /usr/spool/uucppublic directory.