Date: Fri, 11 Oct 1996 17:53:55 +0400 (MSD) From: "=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=" (Andrey A. Chernov) <ache@nagual.ru> To: sos@FreeBSD.org Cc: joerg_wunsch@uriah.heep.sax.de, sos@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrsbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.sbin/ppp command.c Message-ID: <199610111353.RAA01030@nagual.ru> In-Reply-To: <199610110958.LAA15010@ra.dkuug.dk> from "sos@FreeBSD.org" at "Oct 11, 96 11:58:46 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> In reply to =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= who wrote: > > > > > As Soren Schmidt wrote: > > > > sos 96/10/10 04:27:38 > > > > > > > > Modified: usr.sbin/ppp command.c > > > > Log: > > > > Allow shell commands in all modes. > > > > > > Do you get a root shell now if you run ``ppp -auto'', connect to port > > > 3000, and issue a `shell'? I would consider this a very bad move! > > > > > > > Yes, we just make security hole, it should be fixed. > > Oops... I guess it was too late in the night when I did that... > > Any good suggestions as how to make this work securely ?? > Maybe only allowing the program named in the ppp.xxx file, that > way security is at the/etc/ppp level. Not so complex, just disable 'shell' command in telnet mode. As I remember ppp have some flag indicating it running with -auto, and/or some flag indicating telnet mode, shell command must check those flags and refuse execution. -- Andrey A. Chernov <ache@nagual.ru> http://www.nagual.ru/~ache/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610111353.RAA01030>