Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 16 Feb 1998 07:24:51 +0000
From:      Brian Somers <brian@Awfulhak.org>
To:        Obi Wan Oblivion <vdk@chaosphere.com>
Cc:        hackers@FreeBSD.ORG
Subject:   Re: IIJPPP & The Root User 
Message-ID:  <199802160724.HAA25028@awfulhak.org>
In-Reply-To: Your message of "Sun, 15 Feb 1998 23:21:58 EST." <Pine.BSF.3.96.980215230330.691A-100000@logrus.chaosphere.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
> Howdy,
> 
> Any reason why I shouldn't modify IIJPPP Version 1.2 (built on 9/23/97) to
> allow uids other than zero to dialout?
> 
> I share my physical system with a few people who want access to the net,
> but I really don't want to dish out the root password to them.  I'm
> looking to keep the security, but add some flexibility.  For instance:
> 
>     <  if(getuid() != 0)
> 
>     >  if((getuid() != 0) || (getgid() != 68))
> 
> This way, you'd need to be either root, or a member of group dialer in
> order to use user process ppp in anything other than -direct.
> 
> Any thoughts?  Am I using a shotgun to kill a mouse, or am I unwittingly
> leaving a gaping security hole?

The newer version of ppp on http://www.FreeBSD.org/~brian is the same 
as the one in -current and -stable.  You can "allow users x y z" in 
ppp.conf.  Your best bet is to download that.

> Thanks!
> 
> -Jeff
> 
> "In Christianity neither morality nor religion come into contact with
> reality at any point."
>                 -- Friedrich Nietzsche
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message

-- 
Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org>
      <http://www.Awfulhak.org>;
Don't _EVER_ lose your sense of humour....



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802160724.HAA25028>