ppp-on is only root executable despite permissions
John H. Robinson, IV
jaqque at ucsd.edu
Sat Jul 15 10:18:39 PDT 2000
On Fri, Jul 14, 2000 at 06:52:44PM -0700, John Wenger wrote:
> Ralph Shumaker wrote:
>
> > I've not even heard of the group "pppusers" though it sounds obvious
> > enough.
>
> I don't know about Debian, but the group "pppusers" is part
> of Redhat 6.2.
[jaqque at osiris:~]% ls -l /usr/sbin/pppd
-rwsr-x--- 1 root dip 183504 Apr 4 00:52 /usr/sbin/pppd
debian uses group dip to allow access to pppd.
[jaqque at osiris:~]% ls -l `which pon`
-rwxr-xr-x 1 root root 50 Apr 4 00:52 /usr/bin/pon
[jaqque at osiris:~]% cat /usr/bin/pon
#!/bin/sh
exec /usr/sbin/pppd call ${1:-provider}
debian does things really simply, cleanly, and efficiently. it allows
pppd to handle all the good stuff.
[jaqque at osiris:~]% ls -ld /etc/ppp /etc/chatscripts
drwxr-s--- 2 root dip 1024 Jul 15 1999 /etc/chatscripts
drwxr-x--- 6 root dip 1024 May 21 00:08 /etc/ppp
this prevents non trusted users from getting at username password pairs
-rw------- 1 root dip 1508 Feb 22 1999 pap-secrets
that one only root is getting at, the one that has the passwords.
> Consider "wvdial" for your dialup solution, which is now
> part of RH6.2, and which I added to RH 5.2.
of course, the most painless ppp setup i have seen is pppconfig; part of
Debian - i do not know if it is available for RedHat or not. try it -
you might like it.
-john
More information about the KPLUG-List
mailing list