8.6. How can the UNIX PC be made more secure?

	The best way to not worry about security is to not allow users
on your machine that aren't trusted.  Especially users that have shell

	There are several serious problems with the UNIX PC's
software, specifically the User Agent (UA).  The UA (the windowing
environment, also known as the Office environment) has some serious
security problems.  The best solution, of course, would be to remove
the entire UA system from your machine.  This isn't the easiest
procedure (since there are lots of programs scattered all around the
disk that are tied into the UA) and probably not the most desirable
for some novice users.  What's so wrong with it?  Well, look in your
trusty manuals, in section 4.  The manual UA(4) states (talking about
UA configuration files):

	[...] (page 4)
	EXEC and SH have a number of variations, which are used depending
	on the intelligence of the process being invoked. 
	The variations are specified via option characters as follows:

		-n	Run the process without a window
		-w	Run the process without waiting
		-d	Run the process in a dimensionless window
		-p	Run the process with superuser privileges

	The "-p" option being the problem.  For a little experiment to
show to a security conscious user (who still likes the UA), start out
in a non-privileged user account.

	First create a file in your home directory called "Office"
with the following lines:

		Name=Super User UNIX
		Default = Run
		Run=EXEC -pwd $SHELL

	Then type:

		$ exec /usr/bin/ua

	Select the new object that you just created ("Super User
UNIX") and then at the "#" prompt type "id" for the effect.

		# id
		uid=0(root) gid=0(root)

	OK, convinced?

	If you really *LOVE* the UA, you can do something about this.
Protect the programs /usr/lib/ua/uasetx and /usr/lib/ua/uasig so they
are not executable by "other" and only executable by a "trusted" group.

    -rwsr-x---  1 root    trusted    4268 Jan  1  1970 /usr/lib/ua/uasetx
    -rwsr-x---  1 root    trusted    2068 Jan  1  1970 /usr/lib/ua/uasig

	Another problem involves UA mail-handling.  Send yourself some
electronic mail.  Nothing elaborate is necessary.

		$ mail myself < /dev/null

	Select the [mailbox] icon when it comes up, and then when
you're in /bin/mail, at the "?" prompt type "! /bin/sh".  Poof!  Root

		# id
		uid=0(root) gid=0(root)
		# pwd

	This last problem can easily be corrected with Lenny
Tropiano's "email" program that is archived on OSU as "email.sh.Z".
That program sets the correct user id, group id, and home directory.

	The other things to look for are covered in lots of books on
UNIX security: directories with 777 permissions (world writable),
setuid programs that aren't very security conscious, etc.

Parent document is top of "comp.sys.3b1 FAQ part2"
Previous document is "8.5. What do I do when the machine hangs at the boot message?"
Next document is "8.7. How do I access the expert menus in the diagnostics?"