Date: Sat, 7 Aug 1999 02:24:53 -0500 (CDT) From: Anthony Kimball <alk@pobox.com> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/13009: ppp configuration file permission bits Message-ID: <199908070724.CAA32555@poboxer.pobox.com>
next in thread | raw e-mail | index | archive | help
>Number: 13009
>Category: bin
>Synopsis: ppp(8) does draconian permission checks on its config file
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sat Aug 7 00:30:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator: Anthony Kimball
>Release: FreeBSD 3.2-STABLE i386
>Organization:
Dis
>Environment:
vanilla
>Description:
ppp(8) will not operate if the current non-root user has permission
to write to its configuration file or its parent directories.
>How-To-Repeat:
sudo chmod g+w /etc/ppp/ppp.conf
ppp
>Fix:
Change the check from access(conf,W_OK) to detecting
erroneous S_IWOTH bits, thus allowing group access:
diff -u main.c main.c.old
--- main.c Sat Aug 7 02:13:29 1999
+++ main.c.old Sun May 2 03:59:47 1999
@@ -37,7 +37,6 @@
#include <sys/time.h>
#include <termios.h>
#include <unistd.h>
-#include <sys/stat.h>
#ifndef NOALIAS
#ifdef __FreeBSD__
@@ -304,9 +303,7 @@
snprintf(conf, sizeof conf, "%s/%s", _PATH_PPP, CONFFILE);
do {
- struct stat sb;
-
- if (stat(conf,&sb) || (sb.st_mode & S_IWOTH)) {
+ if (!access(conf, W_OK)) {
log_Printf(LogALERT, "ppp: Access violation: Please protect %s\n",
conf);
return -1;
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908070724.CAA32555>