Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 15 Feb 1998 23:21:58 -0500 (EST)
From:      Obi Wan Oblivion <vdk@chaosphere.com>
To:        hackers@FreeBSD.ORG
Subject:   IIJPPP & The Root User
Message-ID:  <Pine.BSF.3.96.980215230330.691A-100000@logrus.chaosphere.com>

next in thread | raw e-mail | index | archive | help
Howdy,

Any reason why I shouldn't modify IIJPPP Version 1.2 (built on 9/23/97) to
allow uids other than zero to dialout?

I share my physical system with a few people who want access to the net,
but I really don't want to dish out the root password to them.  I'm
looking to keep the security, but add some flexibility.  For instance:

    <  if(getuid() != 0)

    >  if((getuid() != 0) || (getgid() != 68))

This way, you'd need to be either root, or a member of group dialer in
order to use user process ppp in anything other than -direct.

Any thoughts?  Am I using a shotgun to kill a mouse, or am I unwittingly
leaving a gaping security hole?

Thanks!

-Jeff

"In Christianity neither morality nor religion come into contact with
reality at any point."
                -- Friedrich Nietzsche


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980215230330.691A-100000>