Date:      Fri, 08 Nov 1996 13:40:00 +0800
From:      Peter Wemm <peter@spinner.DIALix.COM>
To:        John-Mark Gurney <gurney_j@resnet.uoregon.edu>
Cc:        Chris Timmons <skynyrd@tahoma.cwu.edu>, FreeBSD-gnats@freefall.freebsd.org, GNATS Management <gnats@freefall.freebsd.org>, freebsd-bugs@freefall.freebsd.org
Subject:   Re: bin/1973: pppd uses /etc/ppp/options.tty after command line  args
Message-ID:  <199611080540.NAA25079@spinner.DIALix.COM>
In-Reply-To: Your message of "Thu, 07 Nov 1996 18:30:32 PST." <Pine.NEB.3.95.961107182905.352S-100000@nike> 

John-Mark Gurney wrote:
> On Thu, 7 Nov 1996, Chris Timmons wrote:
> > Hmmm... smells like a feature to me.  From pppd(8):
> > 
> >        /etc/ppp/options.ttyname
> >               System default options for the  serial  port  being
> >               used, read after command-line options.
> > 
> > ... which leads me to believe that the intention is to provide a mechanism
> > whereby the system administrator can lock-down certain options, like the
> > IP address that a normal user can't override.  
> > 
> > If your change is committed, how else might an administrator lock down
> > options?
> 
> actually... I just realized this...  and so what I was thinking about
> doing was to provide an option to read the options.tty file before the
> commandline args...  and in my environment they can't run pppd manually so
> it's not a security risk...  
> 
> so does the option to turn on reading option.ttys before commandline args
> sound good?  ttyl..

It's part of the security design; any changes here should be done rather 
carefully.  pppd is supposedly able to be configured to be able to be run 
relatively safely setuid-root on an "open" system, and the options.<tty> 
is part of this.  If you allow normal users to defeat the options.tty 
ordering, it may as well not be there.  If you have a "closed" system 
where users are not able to mess with the command line options, it's not 
an issue (as you pointed out).

IMHO, a compile-time option would be the safest thing here.

Cheers,
-Peter
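
The precedence rule the thread is arguing about, as an added example that is not pppd's source and not code from any poster: a small Python model of pppd-style option sources. It applies the order quoted from pppd(8) on this page (system options, then the command line, then /etc/ppp/options.ttyname) and, for contrast, the flipped order John-Mark proposes. The helper names (parse_tokens, merge, effective_addr), the option subset, the port name ttyd0 and the sample files are all constructed here and are assumptions, not pppd's actual parser.

```python
"""Option-precedence model of pppd's configuration sources.

Added example; not pppd's own source code.  It mirrors the ordering quoted
from pppd(8) in the thread: /etc/ppp/options.ttyname is read *after* the
command line, so a setuid-root pppd lets the administrator's per-port file
win over anything an unprivileged caller puts on the command line.  The
helper names, the option subset and the sample files are constructed.
"""

# Options that take an argument (a small, assumed subset of pppd's options).
VALUE_OPTIONS = {"mtu", "mru", "netmask", "connect", "disconnect"}


def parse_tokens(tokens):
    """Turn a pppd-style token list into a dict.  A 'local:remote' token
    becomes the 'addr' option, options in VALUE_OPTIONS consume the next
    token, and every other token is treated as a boolean flag."""
    opts = {}
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if ":" in tok:                      # local:remote address pair
            opts["addr"] = tok
        elif tok in VALUE_OPTIONS:
            if i + 1 >= len(tokens):
                raise ValueError(f"option {tok} needs an argument")
            opts[tok] = tokens[i + 1]
            i += 1
        else:
            opts[tok] = True
        i += 1
    return opts


def parse_options_file(text):
    """Options files use the same token grammar as the command line,
    plus '#' comments; tokens may be spread over several lines."""
    tokens = []
    for line in text.splitlines():
        tokens.extend(line.split("#", 1)[0].split())
    return parse_tokens(tokens)


def merge(sources, order):
    """Apply the sources in the given order; a later source overrides an
    earlier one.  Returns (effective options, source that set each one)."""
    effective, origin = {}, {}
    for name in order:
        for key, value in sources[name].items():
            effective[key] = value
            origin[key] = name
    return effective, origin


# Constructed sample configuration (not from any real host).
SYSTEM_OPTIONS = "lock\ncrtscts\nmru 1500\n"
TTY_OPTIONS = (
    "# the administrator pins the address pair for this port\n"
    "10.0.0.1:10.0.0.2\nnetmask 255.255.255.0\n"
)
# What an unprivileged caller might pass when pppd is setuid-root.
USER_ARGV = ["/dev/ttyd0", "10.0.0.99:10.0.0.2", "defaultroute", "mru", "296"]

SOURCES = {
    "/etc/ppp/options": parse_options_file(SYSTEM_OPTIONS),
    "command line": parse_tokens(USER_ARGV[1:]),       # drop the tty name
    "/etc/ppp/options.ttyd0": parse_options_file(TTY_OPTIONS),
}

# Order quoted from pppd(8) on the page: the per-tty file is read last.
PPPD_ORDER = ("/etc/ppp/options", "command line", "/etc/ppp/options.ttyd0")
# The thread's proposal: per-tty file before the command line.
PROPOSED_ORDER = ("/etc/ppp/options", "/etc/ppp/options.ttyd0", "command line")


def effective_addr(order):
    """Return (address pair, source that supplied it) under a given order."""
    effective, origin = merge(SOURCES, order)
    return effective["addr"], origin["addr"]


if __name__ == "__main__":
    for label, order in (("pppd(8)", PPPD_ORDER), ("proposed", PROPOSED_ORDER)):
        addr, src = effective_addr(order)
        print(f"{label:9} -> addr {addr} (from {src})")
```

Under the pppd(8) order the address pair pinned in options.ttyd0 wins no matter what the caller supplies, while options the administrator did not pin (here mru) still come from the command line; under the proposed order the caller's address pair wins, which is exactly the lock-down loss Peter describes for a setuid-root pppd on an "open" system.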