From owner-freebsd-questions Thu Sep 2 17:13:11 1999 Delivered-To: freebsd-questions@freebsd.org Received: from awfulhak.org (dynamic-31.max1-du-ws.dialnetwork.pavilion.co.uk [212.74.8.31]) by hub.freebsd.org (Postfix) with ESMTP id EAF7F156B3 for ; Thu, 2 Sep 1999 17:12:58 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from keep.lan.Awfulhak.org (root@keep.lan.Awfulhak.org [172.16.0.8]) by awfulhak.org (8.9.3/8.9.3) with ESMTP id BAA01232; Fri, 3 Sep 1999 01:12:49 +0100 (BST) (envelope-from brian@lan.awfulhak.org) Received: from keep.lan.Awfulhak.org (brian@localhost.lan.Awfulhak.org [127.0.0.1]) by keep.lan.Awfulhak.org (8.9.3/8.9.3) with ESMTP id AAA68820; Fri, 3 Sep 1999 00:02:31 +0100 (BST) (envelope-from brian@keep.lan.Awfulhak.org) Message-Id: <199909022302.AAA68820@keep.lan.Awfulhak.org> X-Mailer: exmh version 2.0.2 2/24/98 To: tbrock@mail.phoenix.net Cc: freebsd-questions@FreeBSD.ORG Subject: Re: user PPP only works for root In-reply-to: Your message of "Wed, 01 Sep 1999 08:23:41 CDT." <99090108294601.00334@fdho-w5.fdnet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 03 Sep 1999 00:02:31 +0100 From: Brian Somers Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > On Tue, 31 Aug 1999, Ken Seggerman wrote: > > I am running FreeBSD 3.1 on a Pentium 486 machine, and have the user ppp > > that came with the release (PPP Version 2.0 - $Date: 1998/12/14 01:15:34) > > > > It no longer says "User Process PPP. Writen by Toshiaru OHNO." > > > > I have been using user ppp for some time now, but have only recently > > tried to break the habit of doing everthing as root, but still have to su > > to use ppp. > > > > $ ppp > > Working in interactive mode > > Warning: No available tunnel devices found (Permission denied). > > Warning: bundle_Create: No such file or directory > > Changing system routes, redirecting devices and access to the tunnel device is > not allowed by any user but root. I'm curious about an suid root ppp myself > but I think it opens glaring and ugly security holes of which I'm not educated > about. There is a way to "open" things up using sysctl but upon dynamically > modifiying the kernel in this way you open huge gaping holes in security. > Maybe someone else could expand or correct me here? Ppp can only be executed by users that are in group ``network'' and are explicitly ``allow''d to run ppp. It is quite possible for the admin to restrict a user to specific modes so that they have no control over the ppp profile that they use when they invoke ppp. Assuming the admin explicitly allows a user access to a ppp prompt, that user will be privileged - they can adjust the routing table and alter the tun interface that ppp is using. It is assumed that the admin can trust the user to do this sort of thing. A smart & destructive user can do things like open the serial device and create pid files and the like in /var/run. They can also grab the default route and point it at an arbitrary workstation that they have control over - this is probably the best way to ``violate'' the network from ppp. Executing other programs from the ppp prompt will always be done as the user that originally started ppp. All of this IMHO makes sense; it's difficult to allow user access because it's dangerous to do so. > Tony -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message