Date: Fri, 11 Oct 1996 17:08:17 +0200 (MET DST) From: sos@FreeBSD.org To: ache@nagual.ru (=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=) Cc: sos@FreeBSD.org, joerg_wunsch@uriah.heep.sax.de, sos@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrsbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.sbin/ppp command.c Message-ID: <199610111508.RAA00223@SandBox.CyberCity.dk> In-Reply-To: <199610111353.RAA01030@nagual.ru> from "=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=" at Oct 11, 96 05:53:55 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In reply to áÎÄÒÅÊ_þÅÒÎÏ× who wrote:
>
> > Oops... I guess it was too late in the night when I did that...
> >
> > Any good suggestions as how to make this work securely ??
> > Maybe only allowing the program named in the ppp.xxx file, that
> > way security is at the/etc/ppp level.
>
> Not so complex, just disable 'shell' command in telnet mode.
> As I remember ppp have some flag indicating it running with -auto,
> and/or some flag indicating telnet mode, shell command must check
> those flags and refuse execution.
Will look at that solution...
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Søren Schmidt (sos@FreeBSD.org) FreeBSD Core Team
Even more code to hack -- will it ever end
..
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610111508.RAA00223>