cops security report questions

Post by Ken Weaverli » Fri, 18 Jan 1991 11:42:42



Just got the latest cops package and installed it on my system. It pointed
out quite a few things, some of which I have questions on why...

First, the prelims. The systems are AT&T Sys V/386 boxes. These boxes are
NOT on the net yet, the account I'm posting on is a student account at the
U of Del. (So if I have a glaring problem, don't think you can exploit it! :-)

1) Disk devices world readable. I can understand why this is a problem. I
   have already changed this but was wondering why the manufacturer (Prime)
   shipped it with the disk devices as 644...

2) "uudecode creates set uid files" OK, I checked this and it will create
    a 4755 file, but owned by me. (uudecode is NOT setuid to uucp). Why is
    this a problem? I got source to uude/encode from uunet a year or two
    ago and compiled it. It isn't a vendor supplied program on this box.

3)  /usr/spool/uucp and /usr/spool/uucppublic are 777... OK, this looks
    weird even to a thick person like me. But this is how it was shipped.
    Is there a reason to the madness here?  All programs that I can think
    of that need to get in there (uucico, uux, etc) are setuid to uucp,
    so I see no need for it to be 777. Would changing to 775 or 770 break
    anything? (I am running HDB uucp...)

I really appreciate this program. Being forced to be a jack-of-all trades
(admin for UNIX, PRIMOS, MS/DOS, and MACINTOSH networks) I really appreciate
any help available.

Thanks for any help (and happy World War III -- let's pray it's a quick
and not too *y one and that some good will come out of this in the end...)

--
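
The three findings questioned in the post above can be re-checked by hand with `find`. This is an added example, not part of COPS or of the original thread; the `/dev/dsk` and `/dev/rdsk` locations are assumptions typical of System V, and the spool paths are the ones named in the post.

```shell
#!/bin/sh
# Added example (not part of COPS): re-check the three modes questioned above.
# Paths in audit() are assumptions taken from the post or typical of System V.

# Device nodes under the given paths that "other" may read (e.g. mode 644).
world_readable_devices() {
    for p in "$@"; do
        [ -e "$p" ] || continue
        find "$p" \( -type b -o -type c \) -perm -004 -print
    done
}

# Directories among the arguments that "other" may write (e.g. mode 777).
world_writable_dirs() {
    for d in "$@"; do
        [ -d "$d" ] || continue
        find "$d" -prune -perm -002 -print
    done
}

# Regular files under a directory that carry the setuid bit (e.g. mode 4755).
setuid_files() {
    find "$1" -type f -perm -4000 -print
}

audit() {
    echo "== world-readable disk devices =="
    world_readable_devices /dev/dsk /dev/rdsk
    echo "== world-writable uucp spool directories =="
    world_writable_dirs /usr/spool/uucp /usr/spool/uucppublic
    echo "== setuid files in the current directory, with owner =="
    setuid_files . | while read -r f; do ls -ld "$f"; done
}

# Run the report only when asked, so the functions can be sourced and tested.
if [ "${1:-}" = "--run" ]; then audit; fi
```

Run it with `--run` from the directory where files are decoded; the `ls -ld` output shows which account owns each setuid file.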

 
 
 

Post by Steve Rik » Sat, 19 Jan 1991 03:53:56


Sorry to waste bandwidth, but where can we get the cops package
via ftp?



 
 
 

Post by Dan Farm » Sat, 19 Jan 1991 08:07:08



>Sorry to waste bandwidth, but where can we get the cops package
>via ftp?

  My personal stash of version 1.02 is at cert.sei.cmu.edu/128.237.253.5, in
~ftp/pub/cops/1.02 (or 1.01 if you like old code); version 1.01 is available
on uunet.uu.net, etc.  Version 1.03, which will include a full rewrite in
perl (as well as the shell sources), will be sent to comp.unix.sources in
the next month or two.

 -- dan

 
 
 
