Re: pppd and setuidness (was Re: 3 Questions)
One could make the uid of the account zero to achieve this without making pppd setuid, though I can imagine this making people jump up and down about security - can anyone think of an attack on this?

If the user figures a way to change their shell, you're dead.

Quite so. Similarly if there's a way of running a shell under a uid provided you know the appropriate password. AFAICT su is safe against this as long as pppd (or whatever script one uses) isn't in /etc/shells.

I'd be very wary indeed of actually *trying* this!

- Richard

--
http://www.elmail.co.uk/staff/richard/
GCS d- s+:- a-- C++ ULVS+++$ P+++ L++ E++ W(++,--) N(++,+) o? K w--- O? M- V? PS(+,+++) PE Y+ PGP+ t- 5++ X+@ R tv--- b++ DI+ D+ G e++ h r% y++
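Added example, not part of the original thread: a small audit for the setup discussed above. It reads passwd(5) and /etc/shells text, reports every uid-0 account other than root, and flags the two cases the message warns about: a login program that is listed in /etc/shells, and an empty shell field (which passwd(5) treats as /bin/sh). The account names, the script path and the finding labels are constructed for illustration.

```python
"""Audit passwd/shells text for uid-0 dial-in accounts (added example)."""

# Constructed sample data; account names and the script path are hypothetical.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
pppdial:x:0:0:PPP dial-in:/etc/ppp:/usr/local/sbin/ppplogin
pppalt:x:0:0:PPP dial-in 2:/etc/ppp:
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""
SAMPLE_SHELLS = """\
# /etc/shells: valid login shells
/bin/sh
/bin/bash
/usr/local/sbin/ppplogin
"""

def parse_shells(text):
    """Return the set of paths listed in /etc/shells-format text."""
    lines = (line.strip() for line in text.splitlines())
    return {entry for entry in lines if entry and not entry.startswith("#")}

def parse_passwd(text):
    """Yield (name, uid, shell) for each well-formed passwd(5) line."""
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            continue  # skip comments, blank lines and malformed entries
        yield fields[0], int(fields[2]), fields[6]

def audit(passwd_text, shells_text):
    """Return sorted (account, finding) pairs for uid-0 accounts other than root."""
    shells = parse_shells(shells_text)
    findings = []
    for name, uid, shell in parse_passwd(passwd_text):
        if uid != 0 or name == "root":
            continue
        findings.append((name, "EXTRA_UID0"))       # login program runs as root
        if shell == "":
            findings.append((name, "EMPTY_SHELL"))  # defaults to /bin/sh: root shell
        elif shell in shells:
            findings.append((name, "SHELL_LISTED"))  # thread's su condition not met
    return sorted(findings)

if __name__ == "__main__":
    for account, finding in audit(SAMPLE_PASSWD, SAMPLE_SHELLS):
        print(f"{account}: {finding}")
```

On a live system, pass the contents of /etc/passwd and /etc/shells to `audit()` instead of the sample strings.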
pppd and setuidness (was Re: 3 Questions)
good question. and why isn't pppd setuid root? if it's a security issue, a ppp group would be in order.

I'd say 'because it doesn't need to be' is a good justification. If you need to have non-root users execute ppp as root, take a look at the 'sudo' or 'super' packages. They allow you to define commands that can be executed as root by a set of users... without forcing your choice of 'this should be setuid root' programs on all other Debian users.

Personally I find that the diald package is an excellent way of avoiding this whole issue. However:

As someone pointed out last time this came up, when your machine is acting as a PPP server you need to run the pppd as root from a dialin account. One way of doing this (with the commercial PPP with which I am familiar) is to make the pppd setuid root and run it from a shell script which is that user's login shell. (I suppose you could run the pppd directly, but doing it from scripts is more convenient as it allows you to pass arguments to the pppd and set various options on a per-user basis.)

One could make the uid of the account zero to achieve this without making pppd setuid, though I can imagine this making people jump up and down about security - can anyone think of an attack on this?

- Richard

--
http://www.elmail.co.uk/staff/richard/
GCS d- s+:- a-- C++ ULVS+++$ P+++ L++ E++ W(++,--) N(++,+) o? K w--- O? M- V? PS(+,+++) PE Y+ PGP+ t- 5++ X+@ R tv--- b++ DI+ D+ G e++ h r% y++
Re: pppd and setuidness (was Re: 3 Questions)
On Sun, 16 Jun 1996, Richard Kettlewell wrote:

good question. and why isn't pppd setuid root? if it's a security issue, a ppp group would be in order.

Personally I find that the diald package is an excellent way of avoiding this whole issue. However:

i've been using kerneld (and request-route) to do this for some time now, so it really wasn't an issue. i was merely asking a question (since pppd installs itself setuid root when you build your own).

jeff

---
Why Linux? source code. POSIX. tcpip. job control. support from the authors. drivers for most hardware. because one terminal or process is never enough. forget the other O/Ss, i use Linux- the choice of a gnu generation.