Horizon Network Security™

LINKING UP WITH THE OUTSIDE WORLD

An introduction to UUCP

by Bob Toxen

Officially, UUCP is short for UNIX to UNIX copy program. But in addition to a program for copying files between UNIX computers, UUCP offers users a means of executing programs remotely and sending network mail. Because of this, I prefer to think of UUCP as meaning UNIX to UNIX communications package.

The program to copy files is called uucp and works similarly to the cp utility. It takes two (or more) arguments and copies the first file (and any subsequent files) to the last filename (which may be a directory). Each argument, except the last, should be the name of a file and may be preceded by a system name. The system name should be separated from the filename by an exclamation mark (!), pronounced by UNIX buffs as "bang."

For instance, to copy the file flight from your local system to one called xorn, give the command:


  % uucp -m -njill flight xorn\!~jill/flight

or

  $ uucp -m -njill flight xorn!~jill/flight

The first command line would be used with the C shell while the second would be used with the Bourne shell. As you might have guessed, I threw in a few tricks. First, the -m flag tells uucp to send you mail when the copy finishes. This is important because uucp merely queues up a request to do the copy. The copy operation itself may not occur for several hours depending on how uucp is configured (on both systems) and what phase the moon is in.

The second trick I used, -njill, will cause uucp to send mail to the account called jill on the other system (named xorn) when the operation is done. Third, since I do not know Jill's home directory path, I specified ~jill. This will be converted to her home directory's full pathname on xorn by uucp and so will work with both the C shell and the Bourne shell. C shell users must precede the ! separating the system name from the account name with a backslash (\) since C shell normally treats exclamation marks as special characters.

SECURITY AND PERMISSIONS

A common problem with using the uucp command appears in the area of permissions. Not only must users tussle with the usual assortment of UNIX file system permissions -- they must also thread their way through an additional group of requirements. The source file flight in our example must be readable by everyone. Also, the directory it is in (our current directory in this case) and all directories leading to it must be readable and executable by everyone. The destination file -- if it exists -- must also be writable by everyone. If a destination file does not exist, the directory in which you intend to create a new file must be writable by everyone. In any case, all directories leading to the file you create or modify must be readable and executable -- just as the source directories must be.

Most people do not want their login directories writable by everyone because if they were, anyone could remove files, either by accident or on purpose. I solve this problem by creating a subdirectory under my login directory called uucp, which I make writable by all. Also, I make sure that any confidential files are not readable by others so as to prevent someone on another system from using the uucp command to copy confidential material to their system.
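
The permission rules above can be checked before queuing a transfer, or used to audit what a remote system could copy. The following is an added example, not code from the article; the function names and the optional second argument (the directory at which the upward walk stops, default /) are hypothetical.

```shell
#!/bin/sh
# Added example (not from the article): check a path against the uucp
# permission rules described above, looking only at the "other" bits.

# Print the three "other" permission characters of a path, e.g. "r-x".
other_bits() {
    ls -ldL "$1" 2>/dev/null | cut -c8-10
}

# Succeed if every directory from DIR up to, but not including, TOP
# (default /) is readable and executable by everyone.
dirs_searchable() {
    dir=$1 top=${2:-/}
    while [ "$dir" != "$top" ] && [ "$dir" != "/" ]; do
        case $(other_bits "$dir") in
            r?[xt]) ;;                  # "t" is sticky bit plus execute
            *) echo "blocked by directory: $dir" >&2; return 1 ;;
        esac
        dir=$(dirname "$dir")
    done
}

# Source rule: the file must be readable by everyone.
uucp_can_send() {
    case $1 in /*) ;; *) echo "use an absolute path" >&2; return 2 ;; esac
    [ -f "$1" ] || { echo "no such file: $1" >&2; return 1; }
    case $(other_bits "$1") in
        r??) ;;
        *) echo "not readable by everyone: $1" >&2; return 1 ;;
    esac
    dirs_searchable "$(dirname "$1")" "$2"
}

# Destination rule: an existing file must be writable by everyone;
# otherwise the directory that will hold the new file must be.
uucp_can_receive() {
    case $1 in /*) ;; *) echo "use an absolute path" >&2; return 2 ;; esac
    if [ -e "$1" ]; then target=$1; else target=$(dirname "$1"); fi
    case $(other_bits "$target") in
        ?w?) ;;
        *) echo "not writable by everyone: $target" >&2; return 1 ;;
    esac
    dirs_searchable "$(dirname "$1")" "$2"
}
```

Running uucp_can_send over confidential files and expecting a failure is a quick way to confirm they are not exposed to remote copy requests.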

Because many users are not computer security experts and do not want to worry about file permissions, many system administrators configure uucp to allow only file transfers to and from pathnames beginning with /usr/spool. The directory /usr/spool/uucppublic, which is readable, writable and executable by all, is provided for users to send and receive files. Thus to send the file flight, one would give the commands:


  % chmod 755 flight
  % cp flight /usr/spool/uucppublic
  % uucp -m -njill ~uucp/flight xorn\!~uucp

In this case, we assume the C shell is used. There should be an account called uucp on each system with a login directory of /usr/spool/uucppublic so that the C shell will know how to expand ~uucp on the local system. Any occurrences not expanded by the shell will be expanded by uucp. Jill would then enter:

  % mv ~uucp/flight .

to move the file into her login directory.

REMOTE PROGRAM EXECUTION

The program called uux is used for remote program execution. You can invoke one program or you can invoke several by having the output of one program piped to the input of the next. Standard input and standard output may be redirected to and from files on other systems. For example, if you are on the system called sauron and you want to know who is logged into the system called xorn, you could issue the command:

  % uux "xorn\!who > sauron\!~uucp/who.xorn"

The program uux will cause the who command to be invoked on xorn and will accumulate the output in a temporary file before using uucp to transfer that file back to the file /usr/spool/uucppublic/who.xorn on sauron. Alternatively, you could mail the results back, like so:

  % uux "xorn\!who | mail (sauron\!bob)"

Note the parentheses around sauron\!bob to tell uux not to interpret it as an input file. Otherwise, uucp would see sauron\!bob as an argument to rmail. It would be instructive to issue the commands listed in Figure 1 and examine the results (even if your system is not configured to allow them).

We can do more sophisticated operations -- such as printing files from many systems -- like so:


  % uux "xorn\!lpr sauron\!~bob/foo \
    dragon\!/usr/007/sphere"

Most administrators only allow certain commands to be executed via uux for security reasons.

Sending remote mail is very easy. To send mail to a remote system, simply give the system name and the account name separated by an exclamation mark. Thus, to send mail to jim on system its, give the command:


  % mail its\!jim
  What did you think of that talk?  Pretty good, huh?
  I'll be waiting to hear from you.

  Bob
  ^D
  %

Unlike the other commands, mail can send data through intermediate systems. Thus, I could give the command:

  % mail olympus\!ucbvax\!dual\!fair
  When will the next release of the
  net-news software package be ready?
  Will you be at UniOps?

  Bob
  ^D
  %

This will send the message to olympus which will forward it to ucbvax, which in turn will forward it to dual, where it finally will be placed in the fair account.

Under System V, the restrictions against using uucp to transfer files to and from systems other than those that talk directly to yours have been lifted. The file must originate in /usr/spool/uucppublic and be sent to the same directory on the destination system. These indirect transfers may be controlled with the ORIGFILE and FWDFILE files in /usr/lib/uucp so as to keep bad guys from getting into your system.

NET ADDRESSES

To send mail to someone, all you need to know is the path to that person's system. Most people know the path from their system to one of the major mail exchanges, called backbone sites. The paths between these installations are well known so you should be able to derive a path to the system you are trying to send mail to if you can simply learn the path from it to one of the backbone sites.

For example, my path from ucbvax is: ucbvax!Shasta!olympus!bob. If I want to send mail to someone whose path from ihnp4 is ihnp4!mitse!bonzo!ronnie, I would give the command:


  % mail Shasta\!ucbvax\!ihnp4\!mitse\!bonzo\!ronnie
  <text of message>
  ^D
  %

The UUCP network is connected to various other networks. For example, olympus is the gateway to the Silicon Graphics Ethernet, which has dozens of workstations, smart graphics terminals and VAXen communicating via IP/TCP and XNS at 10 Mbaud. The UUCP network is also tied into the ARPANET at numerous sites.

Addresses are specified differently on ARPANET. On each ARPANET system, the paths to every other site are stored (there are far fewer ARPANET outposts than UUCP sites, which numbered at least 3000 at last count). ARPANET users also use an at-sign (@) instead of a bang character (!) and put the user name to the left of the system name.

Thus, an account called berch on a system called LLL-TIS would be referenced as berch@LLL-TIS.



  % echo hello > ~uucp/foo
  % uux "xorn\!echo sauron\!~uucp/foo    >sauron\!~uucp/1"
  % uux "xorn\!echo (sauron\!~uucp/foo)  >sauron\!~uucp/2"
  % uux "xorn\!ls -l sauron\!~uucp/foo   >sauron\!~uucp/3"
  % uux "xorn\!ls -l (sauron\!~uucp/foo) >sauron\!~uucp/4"
  % /usr/lib/uucp/uucico -r1 -sxorn

Figure 1 -- Illustrative UUCP commands you may wish to try yourself.

If I wanted to send mail to berch, I would have to send the letter to a gateway system that understands the ARPANET syntax. One path might be:


  % mail Shasta\!berch@LLL-TIS

Here, we use Shasta as the gateway. Since our system, olympus, does not understand the ARPANET syntax, it just sends the whole mess to Shasta for sorting when it sees the ! after that site name.

Note that a site does not actually have to be on the ARPANET to know how to deal with it. We could even teach olympus to recognize at-signs and know that it talks to a station on the ARPANET (Shasta). We could then give the command:


  % mail berch@LLL-TIS

and the olympus mailer could convert it to:

  % mail Shasta\!berch@LLL-TIS

But olympus runs 4.2 BSD and does have the software to do this.

A domain name is sometimes appended to the address. A domain, essentially, is the name of a network containing a number of systems. In mail's "From" line, it is preceded by a period (.) and is usually listed in capital letters. Thus a letter might be from:


  olympus!bob@su-shasta.ARPA

If you wanted to send mail to this person from your system you would throw away the .ARPA, knowing that su-Shasta is the ARPANET name for a gateway to the UUCP network whose UUCP name is Shasta. Thus it translates to:

  Shasta!olympus!bob

Note that the first form (without .ARPA) would be used to send mail from an ARPANET site.

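
The two address derivations worked out by hand in this section (joining your route to a backbone site with the recipient's path from theirs, and turning a "From" address with an ARPA domain into a bang path) can be written as a short script. This is an added example, not code from the article; the function names are hypothetical, the two backbone sites are assumed to talk to each other directly, and the gateway table holds only the one pairing the article gives.

```shell
#!/bin/sh
# Added example (not from the article): build the mail addresses derived
# above. The gateway table holds only su-shasta (ARPANET) = Shasta (UUCP).

# "backbone!...!local!user" -> route from the local system to the backbone
route_to_backbone() {
    hosts=${1%!*}                           # drop the user name
    case $hosts in
        *!*) hosts=${hosts%!*} ;;           # drop the local system
        *)   hosts= ;;                      # local system is the backbone
    esac
    out=
    old_ifs=$IFS; IFS='!'
    for h in $hosts; do out=$h${out:+!$out}; done   # reverse the hosts
    IFS=$old_ifs
    printf '%s\n' "$out"
}

# Join my route to my backbone with the recipient's path from theirs.
# Assumes the two backbone sites talk to each other directly.
mail_path() {
    route=$(route_to_backbone "$1")
    printf '%s\n' "${route:+$route!}$2"
}

# Turn a From address such as olympus!bob@su-shasta.ARPA into a bang path.
from_to_bang() {
    case $1 in *@*) ;; *) printf '%s\n' "$1"; return 0 ;; esac
    user=${1%@*} host=${1##*@}
    host=${host%%.*}                        # throw away the domain (.ARPA)
    case $(printf '%s' "$host" | tr 'A-Z' 'a-z') in
        su-shasta) gw=Shasta ;;
        *) echo "no UUCP name known for gateway $host" >&2; return 1 ;;
    esac
    printf '%s!%s\n' "$gw" "$user"
}
```
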
Bob Toxen is a member of the technical staff at Silicon Graphics, Inc. He has gained a reputation as a leading uucp expert and is responsible for ports of System V for the Zilog 8000 and System III for the Motorola 68000.
Copyright © 1984, 2007, 2014 Robert M. Toxen. All rights reserved.