From owner-freebsd-current Fri Oct 25 19:20:38 2002 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 08EAB37B401 for ; Fri, 25 Oct 2002 19:20:37 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86C8943E3B for ; Fri, 25 Oct 2002 19:20:36 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.3/8.12.3) with ESMTP id g9Q2KXs7020434; Fri, 25 Oct 2002 19:20:33 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.3/8.12.3/Submit) id g9Q2KX94020433; Fri, 25 Oct 2002 19:20:33 -0700 Date: Fri, 25 Oct 2002 19:20:33 -0700 From: Brooks Davis To: Terry Lambert Cc: Brooks Davis , Bakul Shah , freebsd-current@FreeBSD.ORG Subject: Re: pppd not working on latest current 2002-10-20 Message-ID: <20021025192033.A20021@Odin.AC.HMC.Edu> References: <20021025152221.A8479@Odin.AC.HMC.Edu> <200210260034.UAA03676@tonnant.cnchost.com> <20021025175921.A2761@Odin.AC.HMC.Edu> <3DB9F885.D0A59E87@mindspring.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="zYM0uCDKw75PZbzx" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3DB9F885.D0A59E87@mindspring.com>; from tlambert2@mindspring.com on Fri, Oct 25, 2002 at 07:05:57PM -0700 X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --zYM0uCDKw75PZbzx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 25, 2002 at 07:05:57PM -0700, Terry Lambert wrote: > Brooks Davis wrote: > > This isn't going to have an effect on the ability to use kernel ppp for > > other things. The tty orientation of pppd and the outdated, unmodular > > design on ppp(4) have taken care of that. This patch gives people > > the functionality they want (pppd just working) without any major > > entanglements (the whole function is <20 lines). If someone > > wants to make pppd work on arbitrary devices we can deal with that when > > it happens and I frankly doubt it's ever going to since we've got > > netgraph to do that with. >=20 > Depending on the value of "sysctl kern.module_path", if the "if_ppp" > module does not exist, and one of the path components is writeable, > then this would permit you to abuse the pppd to load arbitrary modules > into the kernel. >=20 > So I understand Bakul's complaint. >=20 > But by the same token, "mount" and "ifconfig" have the same problems; > on the other hand, unlike pppd, they are not suid root. Note the getuid() check to prevent exactly this problem. If you want to keep root from loading modules, that's a kernel problem. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --zYM0uCDKw75PZbzx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9ufvwXY6L6fI4GtQRAk93AKDGr6OtRZkzThRa8OwXRGxu603OqQCgzlWx zXs2JTectkGq8Z1ALI4YwJs= =5iku -----END PGP SIGNATURE----- --zYM0uCDKw75PZbzx-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message