UUCP gives users on other systems access to your computer. By default, remote users can only write data to your public directory; they cannot read any data nor can they execute any commands.

However, remote users potentially could copy files to your file system or from your file system. They could also run commands on your system. How do you ensure that they do not remove files you want, read your private files, or run commands that damage your system? In short, how do you keep your UUCP system secure?

Authorization is the highest level of security. Only those with the current NUUCP password can access your system and even then, only authorized systems can use it. There is one catch, however, and that is when more than one system is involved in the file transfer (a multi-hop transfer). If South allows North access, there is nothing South can do to prevent North from giving West the ability to use North as an intermediary node between South and West. South cannot differentiate between requests originating from North and requests being forwarded through North.

To deal with the security issues of access and execution, UUCP uses the concept of permissions. For each directly connected system, you assign access permissions to look at a specific portion of your file system and execute permission to run certain commands.

Permissions can be broad or restrictive. If you are using UUCP to connect a group of machines in your office, you might want everyone to have access to all the files and be able to run all of the commands on each machine. On the other hand, you might not want private files to be made public.

For example, imagine a central office with many branch offices. The central office uses remote commands to run reports in each branch office, and send the results back to the central office. The central office needs permission to run the command that produces reports, and it needs permissions to read and write the associated files. People on other systems do not need those files or permissions. In fact, it could be dangerous to the company to allow those permissions to anyone else.

If one of the branch offices has a connection to a different UUCP network, private information could go out worldwide. The branch office denies that outside connection permission to run any commands which produce reports or to read those files. It limits the outside system to reading and writing in a small part of the file system, perhaps one directory. This directory is the only part of the file system that all other UUCP systems can read or write — it's public. Not surprisingly, this directory is called the public UUCP directory.