From owner-freebsd-current Fri Oct 25 19:23:12 2002 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 82A8F37B401 for ; Fri, 25 Oct 2002 19:23:10 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 11E0443E3B for ; Fri, 25 Oct 2002 19:23:10 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.3/8.12.3) with ESMTP id g9Q2N7s7020840; Fri, 25 Oct 2002 19:23:08 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.3/8.12.3/Submit) id g9Q2N7e0020839; Fri, 25 Oct 2002 19:23:07 -0700 Date: Fri, 25 Oct 2002 19:23:07 -0700 From: Brooks Davis To: Brooks Davis Cc: Terry Lambert , Bakul Shah , freebsd-current@FreeBSD.ORG Subject: Re: pppd not working on latest current 2002-10-20 Message-ID: <20021025192307.B20021@Odin.AC.HMC.Edu> References: <20021025152221.A8479@Odin.AC.HMC.Edu> <200210260034.UAA03676@tonnant.cnchost.com> <20021025175921.A2761@Odin.AC.HMC.Edu> <3DB9F885.D0A59E87@mindspring.com> <20021025192033.A20021@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="p4qYPpj5QlsIQJ0K" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20021025192033.A20021@Odin.AC.HMC.Edu>; from brooks@one-eyed-alien.net on Fri, Oct 25, 2002 at 07:20:33PM -0700 X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --p4qYPpj5QlsIQJ0K Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 25, 2002 at 07:20:33PM -0700, Brooks Davis wrote: > On Fri, Oct 25, 2002 at 07:05:57PM -0700, Terry Lambert wrote: > > Depending on the value of "sysctl kern.module_path", if the "if_ppp" > > module does not exist, and one of the path components is writeable, > > then this would permit you to abuse the pppd to load arbitrary modules > > into the kernel. > >=20 > > So I understand Bakul's complaint. > >=20 > > But by the same token, "mount" and "ifconfig" have the same problems; > > on the other hand, unlike pppd, they are not suid root. >=20 > Note the getuid() check to prevent exactly this problem. If you want to > keep root from loading modules, that's a kernel problem. Oops, wrong problem. If this one exists, it's a bug in kldload. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --p4qYPpj5QlsIQJ0K Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9ufyKXY6L6fI4GtQRAi87AJ90ueUpCx/q1NMoXXFpF/mDHECKMgCcC6rv aVwdAEQ/Cww1LoGnhsDEbUg= =BOhw -----END PGP SIGNATURE----- --p4qYPpj5QlsIQJ0K-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message