From owner-freebsd-hackers Sun Feb 15 23:26:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA20063 for freebsd-hackers-outgoing; Sun, 15 Feb 1998 23:26:41 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from awfulhak.org (awfulhak.demon.co.uk [158.152.17.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA20019 for ; Sun, 15 Feb 1998 23:26:24 -0800 (PST) (envelope-from brian@Awfulhak.org) Received: from gate.lan.awfulhak.org (localhost [127.0.0.1]) by awfulhak.org (8.8.7/8.8.7) with ESMTP id HAA25028; Mon, 16 Feb 1998 07:24:52 GMT (envelope-from brian@gate.lan.awfulhak.org) Message-Id: <199802160724.HAA25028@awfulhak.org> X-Mailer: exmh version 2.0.1 12/23/97 To: Obi Wan Oblivion cc: hackers@FreeBSD.ORG Subject: Re: IIJPPP & The Root User In-reply-to: Your message of "Sun, 15 Feb 1998 23:21:58 EST." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 16 Feb 1998 07:24:51 +0000 From: Brian Somers Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Howdy, > > Any reason why I shouldn't modify IIJPPP Version 1.2 (built on 9/23/97) to > allow uids other than zero to dialout? > > I share my physical system with a few people who want access to the net, > but I really don't want to dish out the root password to them. I'm > looking to keep the security, but add some flexibility. For instance: > > < if(getuid() != 0) > > > if((getuid() != 0) || (getgid() != 68)) > > This way, you'd need to be either root, or a member of group dialer in > order to use user process ppp in anything other than -direct. > > Any thoughts? Am I using a shotgun to kill a mouse, or am I unwittingly > leaving a gaping security hole? The newer version of ppp on http://www.FreeBSD.org/~brian is the same as the one in -current and -stable. You can "allow users x y z" in ppp.conf. Your best bet is to download that. > Thanks! > > -Jeff > > "In Christianity neither morality nor religion come into contact with > reality at any point." > -- Friedrich Nietzsche > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message -- Brian , , Don't _EVER_ lose your sense of humour.... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message