On Thu, 10 Feb 2005 18:11, Andrew Errington wrote: > On Thu, 10 Feb 2005 17:40, you wrote: > > Is this any use? I haven't read to the end, my home brew is complaining > > about being locked in the fridge, I must go and release it. > > > > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=126406 > > Well this is definitely related, but there did not seem to be a final > satisfactory solution unless I did not get the gist of the thread, and > besides, it's not in Woody. > > So far I have done the following, based on bug reports and workarounds: > > 1) Remove 'auth' from /etc/ppp/options > 2) Add users to 'dialout' and 'dip' groups > 3) SUID on pppd > > (actually I haven't done 3 yet, but I will, and it seems more satisfactory > to me, and remove SUID on kppp). > > I am setting up dialup for someone else tonight, and I will do these three > simple things because I cannot find a definitive statement on how to get > kppp going on Debian 3.0 out of the box. You have all been very helpful > however with clues and pointers, and for making sure I don't do something > *really* stupid.
fwiw, my belief is that one should never set a program SUID unless there is absolutely no other way around the problem. The other way around this particular problem is to set the device and lock files to have read and write group permissions set, and then run the programs with the SGID bit set. This is useful because it means that you cannot dial-out unless you are in the 'dialout' group. Exploitation of that fact is, imho, sometimes desirable when there are young children in the household. ps. wvdial is just magic at coping with all this nonsense virtually automatically. pps. Pretty full explanations about ppp are available at:- http://www.icon.co.za/~psheer/book/node44.html.gz ppps. Automatic dial-out is to all intents useless now-a-days because of the level of 'background radiation'. Even on a dial-up line probes of one sort and another happen every minute or two. Each one acts as a reset for the timer, so the line seldom gets dropped as it should. -- Sincerely etc., Christopher Sawtell
