Contents:
About UUCP
Versions of UUCP
UUCP and Security
Security in Version 2 UUCP
Security in BNU UUCP
Additional Security Concerns
Early Security Problems with UUCP
UUCP Over Networks
Summary
UUCP is the UNIX-to-UNIX Copy system, a collection of programs that have provided rudimentary networking for UNIX computers since 1977.
UUCP has three main uses:
Sending mail and news to users on remote systems
Transferring files between UNIX systems
Executing commands on remote systems
Until recently, UUCP was very popular in the UNIX world for a number of reasons:
UUCP came with almost every version of UNIX; indeed, for many users, UUCP used to be the reason to purchase a UNIX computer in the first place.
UUCP required no special hardware: it runs over standard RS-232 serial cables, and over standard modems for long-distance networks.
UUCP can store messages during the day and send them in a single batch at night, substantially lowering the cost of phone-based networking.
The UUCP programs also allow you to connect your computer to a worldwide network of computer systems called Usenet. Usenet is a multihost electronic bulletin board with several thousand special interest groups; articles posted on one computer are automatically forwarded to all of the other computers on the network. The Usenet reaches millions of users on computer systems around the world on every continent.
In recent years, interest in UUCP has declined for a number of reasons:
UUCP was designed and optimized for low-speed connections. When used with modems capable of transmitting at 14.4 Kbps or a faster rate, the protocols become increasingly inefficient.
New network protocols such as SLIP and PPP use the same hardware as UUCP, yet allow the connecting machine to have access to the full range of Internet services.
UUCP links that were used to provide access for one or a few people are being replaced with dial-up POP (Post Office Protocol) and IMAP servers, which allow much more flexibility when retrieving electronic mail over a slow connection and which are easier to administer.
Thus, while UUCP is still used by a number of legacy systems, few sites are installing new UUCP systems.
Nevertheless, a working knowledge of UUCP is still important for the UNIX system administrator for a number of reasons:
Even if you don't use UUCP, you probably have the UUCP programs on your system. If they are improperly installed, an attacker could use those programs to gain further access.[1]
[1] For this reason, you may wish to remove the UUCP subsystem (or remove the SUID/SGID permissions from the various UUCP executables) if you have no intention of using it.
If you are a newly hired administrator for an existing system, people could be using UUCP on your system without your knowledge.
The UUCP programs are still used by many sites to exchange netnews. Thus, your computer may be using UUCP without anybody's knowledge.[2]
[2] Rich Salz's Internet News system (INN) provides an excellent means for sites on the Internet to exchange netnews without relying on UUCP.
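One way to check what footnote [1] warns about, as an added example that is not part of the original chapter: it reports which of the UUCP programs named in this chapter still carry SUID or SGID bits. The directory list is an assumption (only /usr/lib/uucp appears in this chapter); pass your own directories as arguments.

```shell
#!/bin/sh
# Added example, not from the original chapter.
# Assumed search path: /usr/lib/uucp is named in this chapter, the others
# are common install locations and may not exist on your system.
UUCP_DIRS="/usr/bin /usr/sbin /usr/lib/uucp /usr/libexec/uucp"
UUCP_NAMES="uucp uux uucico uuxqt"   # the programs this chapter names

# audit_uucp_suid [dir ...]
# Prints "SUID <path>" and/or "SGID <path>" for each UUCP program that
# still carries the bit. Prints nothing when there is nothing to fix.
audit_uucp_suid() {
    [ "$#" -gt 0 ] || set -- $UUCP_DIRS
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for name in $UUCP_NAMES; do
            f="$dir/$name"
            # Skip missing files and symlinks (report the real file only).
            [ -f "$f" ] && [ ! -L "$f" ] || continue
            [ -u "$f" ] && echo "SUID $f"
            [ -g "$f" ] && echo "SGID $f"
        done
    done
    return 0
}

# Footnote [1]'s fix for an unused subsystem, once a path is confirmed:
#   chmod u-s,g-s <path>
audit_uucp_suid "$@"
```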
The Nutshell Handbook Using and Managing UUCP (O'Reilly & Associates) describes in detail how to set up and run a UUCP system, as well as how to connect to the Usenet. This chapter focuses solely on those aspects of UUCP that relate to computer security.
From the user's point of view, UUCP consists of two main programs:
uucp, which copies files between computers
uux, which executes programs on remote machines
UNIX's electronic mail system also interfaces with the UUCP system. As most people use UUCP primarily for mail, this chapter also discusses the mail and rmail commands.
The uucp command allows you to transfer files between two UNIX systems. The command has the form:
uucp [flags] source-file destination-file
UUCP filenames can be regular pathnames (such as /tmp/file1) or can have the form:
system-name!pathname
For example, to transfer the /tmp/file12 file from your local machine to the machine idr, you might use the command:
$ uucp /tmp/file12 idr!/tmp/file12
$
You can also use uucp to transfer a file between two remote computers, assuming that your computer is connected to both of the other two machines. For example, to transfer a file from prose to idr, you might use the command:
$ uucp prose!/tmp/myfile idr!/u1/lance/yourfile
$
For security reasons, UUCP is usually configured so that files can be copied only into the /usr/spool/uucppublic directory: the UUCP public directory. Because /usr/spool/uucppublic is lengthy to type, UUCP allows you to abbreviate the entry with a tilde (~):
$ uucp file12 idr!~/anotherfile
$
Notice that you can change the name of a file when you send it.
The above examples were all typed with sh, the Bourne shell. They will not work as is with the C shell. The reason for this is the csh history feature.[3]
[3] The ksh also has a history mechanism, but it does not use a special character that interferes with other programs.
The C shell's history feature interprets the exclamation mark as a command to recall previously typed lines. As a result, if you are using csh and you wish to have the exclamation mark sent to the uucp program, you have to quote, or "escape," the exclamation mark with a backslash:
% uucp /tmp/file12 idr\!/tmp/file12
%
The uux command enables you to execute a command on a remote system. In its simplest form, uux reads an input file from standard input to execute a command on a remote computer. The command has the form:
uux - system\!command < inputfile
In the days before local area networks, uux was often used to print a file from one computer on the printer of another. For sites that don't have local area networks, uux is still useful for that purpose. For example, to print the file report on the computer idr, you might use the command:
$ uux - "idr!lpr" < report
$
The notation idr!lpr causes the lpr command to be run on the computer called idr. Standard input for the lpr command is read by the UUCP system and transferred to the machine idr before the command is run.
Today, the main use of uux is to send mail and Usenet articles between machines that are not otherwise connected to LANs or the Internet.
You can use the uux command to send mail "by hand" from one computer to another by running the program rmail on a remote machine:
$ uux - "idr!rmail leon"
Hi, Leon!
How is it going?
Sincerely,
Mortimer
^D
$
The hyphen (-) option to the uux command means that uux should take its input from standard input and run the command rmail leon on the machine idr. The message will be sent to the user leon.
Because people send mail a lot, the usual UNIX mail command understands UUCP-style addressing, and automatically invokes uux when in use.[4]
[4] There are many different programs that can be used to send mail. Most of them either understand UUCP addressing or give your message to another program, such as sendmail, that does.
For example, you could send mail to leon on the idr machine simply by typing:
$ mail idr!leon
Subject: Hi, Leon!
How is it going?
Sincerely,
Mortimer
^D
$
When mail processes a mail address containing an exclamation mark, the program automatically invokes the uux command to cause the mail message to be transmitted to the recipient machine.
uucp, uux, and mail don't actually transmit information to the remote computer; they simply store it on the local machine in a spool file. The spool file contains the names of files to transfer to the remote computer and the names of programs to run after the transfer takes place. Spool files are normally kept in the /usr/spool/uucp directory (or a subdirectory inside this directory).
If the uux command is invoked without its -r option, the uucico (UNIX-to-UNIX Copy-In-Copy-Out) program is executed immediately.[5] In many applications, such as in sending email, the -r option is provided by default, and the commands are queued until the uucp queue is run at some later time. Normally, uucico is run on a regular basis by cron. However it is started, when uucico runs it initiates a telephone call to the remote computer and sends out the spooled files. If the phone is busy or for some other reason uucico is unable to transfer the spool files, they remain in the /usr/spool/uucp directory, and uucico tries again when it is run by cron or another invocation of uux.
[5] A few versions of UUCP support a -L flag to uux that acts opposite to the -r flag, and causes uucico to be started immediately.
When it calls the remote computer, uucico gets the login: and password: prompts as does any other user. uucico replies with a special username and password for logging into a special account. This account, sometimes named uucp or nuucp, has another copy of the uucico program as its shell; the uucico program that sends the files operates in the Master mode, while the uucico program receiving the files operates in the Slave mode.
The /etc/passwd entry for the special uucp user often looks similar to this:
uucp:mdDF32KJqwerk:4:4:Mr. UUCP:/usr/spool/uucppublic:/usr/lib/uucp/uucico
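To find every account of this kind on a system you have inherited, the following added example (not part of the original chapter) lists the passwd entries whose login shell is uucico and classifies the password field. The sample file is constructed: only the uucp line comes from this chapter, and the nuucp and Uidr entries are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original chapter.

# audit_uucp_logins [passwd-file | -]
# Prints one line per account whose login shell is uucico:
#   <login> uid=<uid> home=<dir> password=<state>
# States: EMPTY (login asks for no password), hash-in-passwd (the hash is
# readable by every local user), locked-or-shadowed (field is "x" or
# starts with * or !).
audit_uucp_logins() {
    awk -F: '
        /^#/ || NF < 7 { next }
        $7 ~ /(^|\/)uucico$/ {
            if ($2 == "")                         pw = "EMPTY"
            else if ($2 == "x" || $2 ~ /^[*!]/)   pw = "locked-or-shadowed"
            else                                  pw = "hash-in-passwd"
            printf "%s uid=%s home=%s password=%s\n", $1, $3, $6, pw
        }
    ' "${1:-/etc/passwd}"
}

# Constructed sample. The uucp line is the entry shown above; the nuucp
# and Uidr lines are hypothetical accounts added for illustration.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/sh
uucp:mdDF32KJqwerk:4:4:Mr. UUCP:/usr/spool/uucppublic:/usr/lib/uucp/uucico
nuucp::5:4:UUCP login:/usr/spool/uucppublic:/usr/lib/uucp/uucico
Uidr:x:6:4:login for idr:/usr/spool/uucppublic:/usr/lib/uucp/uucico
lance:x:100:10:Lance:/u1/lance:/bin/sh
EOF
}

sample_passwd | audit_uucp_logins -
```

Run audit_uucp_logins with no argument to check the live /etc/passwd.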
After the files are transferred, a program on the remote machine named uuxqt executes the queued commands. Any errors encountered during remote command execution are captured and sent back as email to the initiating user on the first machine.