Date: Wed, 1 Sep 1999 18:13:45 +0100 From: Mark Ovens <mark@ukug.uk.freebsd.org> To: Tony <tbrock@mail.phoenix.net> Cc: freebsd-questions@freebsd.org Subject: Re: user PPP only works for root Message-ID: <19990901181345.C283@marder-1> In-Reply-To: <99090108294601.00334@fdho-w5.fdnet.com>; from Tony on Wed, Sep 01, 1999 at 08:23:41AM -0500 References: <Pine.GSO.4.10.9908312325001.239-100000@echonyc.com> <99090108294601.00334@fdho-w5.fdnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 01, 1999 at 08:23:41AM -0500, Tony wrote: > On Tue, 31 Aug 1999, Ken Seggerman wrote: > > I am running FreeBSD 3.1 on a Pentium 486 machine, and have the user ppp > > that came with the release (PPP Version 2.0 - $Date: 1998/12/14 01:15:34) > > > > It no longer says "User Process PPP. Writen by Toshiaru OHNO." > > > > I have been using user ppp for some time now, but have only recently > > tried to break the habit of doing everthing as root, but still have to su > > to use ppp. > > > > $ ppp > > Working in interactive mode > > Warning: No available tunnel devices found (Permission denied). > > Warning: bundle_Create: No such file or directory > > Changing system routes, redirecting devices and access to the tunnel device is > not allowed by any user but root. I'm curious about an suid root ppp myself > but I think it opens glaring and ugly security holes of which I'm not educated > about. There is a way to "open" things up using sysctl but upon dynamically > modifiying the kernel in this way you open huge gaping holes in security. > Maybe someone else could expand or correct me here? > Add ``allow user <your_user_name>'' or ``allow user *'' for everyone to /etc/ppp/ppp.conf and add <your_user_name> (and anyone elses) to the group ``network'' then you can run ppp as a non-root user. HTH > Tony > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- STATE-OF-THE-ART: Any computer you can't afford. OBSOLETE: Any computer you own. ________________________________________________________________ FreeBSD - The Power To Serve http://www.freebsd.org My Webpage http://ukug.uk.freebsd.org/~mark/ mailto:mark@ukug.uk.freebsd.org http://www.radan.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990901181345.C283>