Date: Sun, 31 Aug 1997 13:09:19 +0200 (MET DST) From: Eivind Eklund <perhaps@yes.no> To: Brian Somers <brian@awfulhak.org> Cc: guido@gvr.org, brian@FreeBSD.ORG, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-lib@FreeBSD.ORG Subject: Re: cvs commit: src/lib/libutil login_progok.3 login_progok.c Makefile libutil.h login.conf.5 Message-ID: <199708311109.NAA14292@bitbox.follo.net> In-Reply-To: Brian Somers's message of Sun, 31 Aug 1997 01:02:16 %2B0100 References: <199708291956.VAA13103@gvr.gvr.org> <199708310002.BAA23911@awfulhak.demon.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hmm, making a ppp group would address the problem..... I don't really > have an excuse for not doing it that way (temporary insanity?). > > Perhaps I should take this stuff back out. Does anyone see any > reasons why it should stay ? If someone wants to restrict use of a > program they can: > > $ ls -l /usr/sbin/ppp > -r-sr-x--- 1 root ppp 118784 Aug 28 01:03 /usr/sbin/ppp > > So if you're not in the ``ppp'' group, you don't get to run it ;-) Set this as the default, please. Having PPP available to "joe user" break some security paradigms - there is a lot of havoc you can do by being able to modify the routing table... Eivind.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708311109.NAA14292>