Date: Fri, 11 Sep 1998 10:15:11 -0700 From: TS Waterman <waterman@cs.brandeis.edu> To: Marc Giannoni <marc@versa.eng.comsat.com> Cc: stable@FreeBSD.ORG Subject: Re: Dialup PPP Message-ID: <199809111715.KAA08729@home> In-Reply-To: Your message of "Fri, 11 Sep 1998 12:26:33 EDT." <XFMail.980911123539.marc@versa.eng.comsat.com> References: <XFMail.980911123539.marc@versa.eng.comsat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is exactly how it is installed in 2.2.7 from my system (recently rebuilt to -STABLE) -r-sr-xr-- 1 root network 143360 Aug 31 22:19 /usr/sbin/ppp Ppp still has security features built in (the "allow user" directive) to give permissions to only desired users. Unless it can be perverted into doing something bizarre, or the config files (/etc/ppp/...) are compromised, I wouldn't worry about the setuid security issues. Anyone know any outstanding security holes in ppp? Brian? Marc Giannoni writes: >All: > >I'm not sure if this issue has been addressed yet, but following the 2.2.5 to >2.2.6/7 upgrade, my dialup PPP stopped working. This seems to be related to >the new group 'network' assigned to ppp. > >Since I'm using 'getty' for dialup ppp, my configuration invokes `ppp -direct > '. >This does not run as Joe-Low-Privlege-User, so I changed the permissions for >"/usr/sbin/ppp". > >before: -r-sr-x--- 1 root network 143360 Feb 25 1998 /usr/sbin/ppp >--- >after: -r-sr-xr-x 1 root network 143360 Feb 25 1998 /usr/sbin/ppp > >This may introduce some security problems. Any suggestions? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809111715.KAA08729>