[plug] Restarting ppp from a 'doze box
Craig Ringer
craig at postnewspapers.com.au
Fri Feb 7 13:48:39 WST 2003
> Why are people talking about 'sudo' to run pppd?
> I always install it suid, so it allows users to "pppd call <isp>",
> where a file /etc/ppp/peers/<isp> contains the options.
>
> You can use group execute permission to limit access. It could be
> called from a PHP script for remote windoze users.
> ( Or even from a windows desktop icon or start menu, using an rsh
> equivalent from a 'shortcut' script. )
>
> Is there anything wrong with this? Too insecure?
I think pppd is /supposed/ to be suid actually. It has some internal
security mechanisms like the concept of "priveleged" options that can
only be set by root on the cmdline or for all uses using
/etc/ppp/options or /etc/ppp/peers/{peername}. Sudo is probably less
secure for pppd than suid.
OTOH, its been a while since I've had to worry about this, so perhaps
I'm confused.
Craig
More information about the plug
mailing list