On 12 May 1997, Rob Browning wrote:
I strongly recommend that you use sudo, super, or only launch pppd as
root rather than making pppd suid root. sudo's easy to use, and much
safer.
You don't even need the wrapper script (at least not with sudo), it'll
take arguments for the command it's
Craig Sanders [EMAIL PROTECTED] writes:
The whole point of the wrapper script is to prevent users from being able
to give any options to pppd (which is where the potential vulnerability
lies).
Hmm, I wasn't thinking about the fact that the options were a big deal
(but of course they are when
On Mon, 12 May 1997, Francis Swasey wrote:
Ok, I give up. I've tried everything I can think of -- including reading
the instructions. I still cannot get PPP to work for anyone other than root.
I have put my userid in the /etc/group file as a member of group dialout
and made sure that
Ok, I give up. I've tried everything I can think of -- including reading
the instructions. I still cannot get PPP to work for anyone other than root.
I have put my userid in the /etc/group file as a member of group dialout
and made sure that the modem device (/dev/ttyS0) is owned by group
Craig Sanders [EMAIL PROTECTED] writes:
NOTE: doing making pppd setuid root is a potential security hole.
alternatively, write a wrapper shell script which calls pppd with the
appropriate parameters, and then configure sudo or super to allow
certain users/groups to run your shell script as
Rob Browning wrote:
to launch pppd.
Note that you *can* use a wrapper script if you want, but you don't
have to.
I,ve had good results with the little C program shown in Linux
Journal, May 1997, Issue #37, Page 10. Its also available for ftp from
ftp.ssc.com.
Jim
--
6 matches
Mail list logo