From owner-cvs-usrsbin Sun Oct 13 08:05:33 1996 Return-Path: owner-cvs-usrsbin Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA19419 for cvs-usrsbin-outgoing; Sun, 13 Oct 1996 08:05:33 -0700 (PDT) Received: (from sos@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA19389; Sun, 13 Oct 1996 08:05:20 -0700 (PDT) Date: Sun, 13 Oct 1996 08:05:20 -0700 (PDT) From: Soren Schmidt Message-Id: <199610131505.IAA19389@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrsbin Subject: cvs commit: src/usr.sbin/ppp command.c Sender: owner-cvs-usrsbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk sos 96/10/13 08:05:18 Modified: usr.sbin/ppp command.c Log: Fixed the security leek I introduced the other day, now shell command is only executabel from command files, not from the commandline. Revision Changes Path 1.24 +10 -3 src/usr.sbin/ppp/command.c From owner-cvs-usrsbin Sun Oct 13 23:40:12 1996 Return-Path: owner-cvs-usrsbin Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA02575 for cvs-usrsbin-outgoing; Sun, 13 Oct 1996 23:40:12 -0700 (PDT) Received: from specgw.spec.co.jp (specgw.spec.co.jp [202.32.13.1]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA02567; Sun, 13 Oct 1996 23:40:09 -0700 (PDT) Received: from tama3.spec.co.jp ([202.32.13.219]) by specgw.spec.co.jp (8.7.5/3.3Wb-SPEC) with SMTP id PAA21647; Mon, 14 Oct 1996 15:35:02 +0900 (JST) Message-Id: <9610140643.AA00552@tama3.spec.co.jp> Date: Mon, 14 Oct 1996 15:43:12 +0900 From: Atsushi Murai To: sos@FreeBSD.org Cc: ache@nagual.ru (=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=), joerg_wunsch@uriah.heep.sax.de, sos@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrsbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.sbin/ppp command.c In-Reply-To: <199610110958.LAA15010@ra.dkuug.dk> MIME-Version: 1.0 X-Mailer: AL-Mail 1.22 Content-Type: text/plain; charset=us-ascii Sender: owner-cvs-usrsbin@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk sos@FreeBSD.org wrote: :> > Do you get a root shell now if you run ``ppp -auto'', connect to port :> > 3000, and issue a `shell'? I would consider this a very bad move! :> > :> :> Yes, we just make security hole, it should be fixed. : :Oops... I guess it was too late in the night when I did that... : :Any good suggestions as how to make this work securely ?? :Maybe only allowing the program named in the ppp.xxx file, that :way security is at the/etc/ppp level. Fuum. I thought it's already in there...If my memory is still not out of date (another word, as far as I've done without checking latest ppp code ), the ppp just allows to execute shell and manipulate "ppp" with all running mode if ; o You should type a correct password that hostname and password pair in /etc/ppp.secret. if you don't write above pair, you may have warning messages.. Atsushi. --- Atsushi Murai Internet: amurai@spec.co.jp System Planning and Engineering Co,.Ltd. Voice : +81-33833-5341 PGP Key fingerprint : 1C 27 22 77 11 43 64 90 9E 5E 68 CE 65 BD 68 06 From owner-cvs-usrsbin Mon Oct 14 12:42:12 1996 Return-Path: owner-cvs-usrsbin Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA21240 for cvs-usrsbin-outgoing; Mon, 14 Oct 1996 12:42:12 -0700 (PDT) Received: (from jkh@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA21184; Mon, 14 Oct 1996 12:41:46 -0700 (PDT) Date: Mon, 14 Oct 1996 12:41:46 -0700 (PDT) From: "Jordan K. Hubbard" Message-Id: <199610141941.MAA21184@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrsbin Subject: cvs commit: src/usr.sbin/pkg_install/add perform.c src/usr.sbin/pkg_install/lib file.c Sender: owner-cvs-usrsbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk jkh 96/10/14 12:41:45 Modified: usr.sbin/pkg_install/add perform.c usr.sbin/pkg_install/lib file.c Log: Fix PR#1557 - chained package dependencies using URLs didn't work. Revision Changes Path 1.37 +32 -31 src/usr.sbin/pkg_install/add/perform.c 1.24 +3 -2 src/usr.sbin/pkg_install/lib/file.c From owner-cvs-usrsbin Tue Oct 15 11:39:36 1996 Return-Path: owner-cvs-usrsbin Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA28048 for cvs-usrsbin-outgoing; Tue, 15 Oct 1996 11:39:36 -0700 (PDT) Received: (from jkh@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA28024; Tue, 15 Oct 1996 11:39:23 -0700 (PDT) Date: Tue, 15 Oct 1996 11:39:23 -0700 (PDT) From: "Jordan K. Hubbard" Message-Id: <199610151839.LAA28024@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrsbin Subject: cvs commit: src/usr.sbin/pkg_install/add add.h main.c perform.c pkg_add.1 src/usr.sbin/pkg_install/create create.h main.c perform.c pkg_create.1 pl.c src/usr.sbin/pkg_install/delete main.c perform.c src/usr.sbin/pkg_install/info info.h main.c perform.c show.c src/usr.sbin/pkg_install/lib file.c global.c lib.h msg.c pen.c plist.c Sender: owner-cvs-usrsbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk jkh 96/10/15 11:39:21 Branch: usr.sbin/pkg_install/add RELENG_2_1_0 usr.sbin/pkg_install/create RELENG_2_1_0 usr.sbin/pkg_install/delete RELENG_2_1_0 usr.sbin/pkg_install/info RELENG_2_1_0 usr.sbin/pkg_install/lib RELENG_2_1_0 Modified: usr.sbin/pkg_install/add add.h main.c perform.c pkg_add.1 usr.sbin/pkg_install/create create.h main.c perform.c pkg_create.1 pl.c usr.sbin/pkg_install/delete main.c perform.c usr.sbin/pkg_install/info info.h main.c perform.c show.c usr.sbin/pkg_install/lib file.c global.c lib.h msg.c pen.c plist.c Log: Merge from HEAD. Revision Changes Path 1.5.4.3 +1 -1 src/usr.sbin/pkg_install/add/add.h 1.7.4.7 +1 -1 src/usr.sbin/pkg_install/add/main.c 1.26.2.12 +32 -31 src/usr.sbin/pkg_install/add/perform.c 1.10.4.4 +21 -20 src/usr.sbin/pkg_install/add/pkg_add.1 1.8.4.2 +1 -1 src/usr.sbin/pkg_install/create/create.h 1.11.4.2 +1 -1 src/usr.sbin/pkg_install/create/main.c 1.27.4.4 +1 -1 src/usr.sbin/pkg_install/create/perform.c 1.14.4.2 +1 -1 src/usr.sbin/pkg_install/create/pkg_create.1 1.7.4.2 +1 -1 src/usr.sbin/pkg_install/create/pl.c 1.4.4.2 +1 -1 src/usr.sbin/pkg_install/delete/main.c 1.7.4.3 +1 -1 src/usr.sbin/pkg_install/delete/perform.c 1.7.4.2 +1 -1 src/usr.sbin/pkg_install/info/info.h 1.9.4.2 +1 -1 src/usr.sbin/pkg_install/info/main.c 1.16.4.5 +1 -1 src/usr.sbin/pkg_install/info/perform.c 1.6.4.3 +1 -1 src/usr.sbin/pkg_install/info/show.c 1.10.4.11 +3 -2 src/usr.sbin/pkg_install/lib/file.c 1.2.6.2 +1 -1 src/usr.sbin/pkg_install/lib/global.c 1.16.4.6 +1 -1 src/usr.sbin/pkg_install/lib/lib.h 1.5.4.2 +0 -0 src/usr.sbin/pkg_install/lib/msg.c 1.13.4.10 +1 -1 src/usr.sbin/pkg_install/lib/pen.c 1.13.4.4 +1 -1 src/usr.sbin/pkg_install/lib/plist.c From owner-cvs-usrsbin Thu Oct 17 18:44:59 1996 Return-Path: owner-cvs-usrsbin Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA15979 for cvs-usrsbin-outgoing; Thu, 17 Oct 1996 18:44:59 -0700 (PDT) Received: (from jkh@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA15960; Thu, 17 Oct 1996 18:44:48 -0700 (PDT) Date: Thu, 17 Oct 1996 18:44:48 -0700 (PDT) From: "Jordan K. Hubbard" Message-Id: <199610180144.SAA15960@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrsbin Subject: cvs commit: src/usr.sbin/ppp Makefile Sender: owner-cvs-usrsbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk jkh 96/10/17 18:44:47 Modified: usr.sbin/ppp Makefile Log: Turn LOCALHACK off by default (whoops!) Noticed-By: Atsushi Murai Revision Changes Path 1.8 +2 -2 src/usr.sbin/ppp/Makefile From owner-cvs-usrsbin Thu Oct 17 20:48:09 1996 Return-Path: owner-cvs-usrsbin Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA21284 for cvs-usrsbin-outgoing; Thu, 17 Oct 1996 20:48:09 -0700 (PDT) Received: (from jkh@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA21158; Thu, 17 Oct 1996 20:47:55 -0700 (PDT) Date: Thu, 17 Oct 1996 20:47:55 -0700 (PDT) From: "Jordan K. Hubbard" Message-Id: <199610180347.UAA21158@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrsbin Subject: cvs commit: src/usr.sbin/ppp Makefile passwdauth.c Sender: owner-cvs-usrsbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk jkh 96/10/17 20:47:55 Modified: usr.sbin/ppp Makefile passwdauth.c Log: Make changes suggested in PR#1825, closing it. Removes default local hack behavior better than previous commit. Submitted-By: Peter Childs Revision Changes Path 1.9 +2 -2 src/usr.sbin/ppp/Makefile 1.2 +8 -9 src/usr.sbin/ppp/passwdauth.c