
Bug#126406: KPPP fixes, derived from #126406



On Wednesday 05 May 2004 19:59, Christopher Martin wrote:
> Hello,
> 
> To deal with the problems users are having configuring KPPP, I've put 
> together some small patches (based on the ideas, not my own, discussed in 
> Bug #126406) that should resolve these issues. The patches are attached 
> to the e-mail I sent to 126406@bugs.debian.org, which for some reason 
> hasn't been CCed to debian-qt-kde.

Great!  Thx Christopher.  FWIW I had a look at the patches and
AFAICS it looks okay.  Just one security note (sorry, no modem
access to test):

	  AFAIR you can use pppd with several call options.
		pppd call x call y  ...
	  This means everyone in dip group can now add noauth via
	  call kppp-options to pppd.

	  So in principle a bad member of the dip group could start
	  a listening pppd daemon that allows dialup access without
	  authorization  (without noauth one needs to edit 
	  pap,chap-secrets or add noauth in options or peers/*).
	  That can only be done by root.  So it weakens security.

	  If this scenario is not too paranoid I would say
	  ship kppp-options with noauth commented out and document
	  in README how to enable it (or maybe even add a dialog
	  to kppp to warn about it).   Grmbl, I really hope it's
	  not necessary ;)

Maybe one should ask/cc/fwd pppd maintainer before applying to
kdenetwork pkgs?

Achim
> There are two distinct problems. KPPP must be SUID root, in order for PAP 
> and/or CHAP authentication to work, given the way KPPP operates. This is 
> unavoidable (it creates and moves files around in /etc/ppp). I've set 
> kppp to be 4754 root.dip (the same permissions as pppd), so membership in 
> the dip group is still needed to execute kppp.
> 
> Even when SUID, however, the custom pppd argument "noauth" doesn't 
> actually seem to have an effect, for some odd reason, and setting 
> "noauth" is necessary. Since having users edit /etc/ppp/options is bad 
> and cumbersome, I've added a work-around, /etc/ppp/peers/kppp-options, 
> which contains the string "noauth", and which is used by giving kppp the 
> default custom pppd argument "call kppp-options". When done this way, the 
> noauth option actually takes effect.
> 
> Also, I've elevated ppp from a Recommends to a dependency, since many 
> (most? all?) dial-up connections will need it, and this keeps things easy 
> and simple for users. Finally, I've removed the segment of documentation 
> which instructed users to modify /etc/ppp/options.
> 
> With these changes, KPPP should "just work" without any mucking around 
> whatsoever, except for configuration of the modem itself (symlinks, dev 
> node creation if necessary, etc.).
> 
> Christopher Martin
-- 
  To me vi is Zen.  To use vi is to practice zen. Every command is
  a koan. Profound to the user, unintelligible to the uninitiated.
  You discover truth everytime you use it.
                                      -- reddy@lion.austin.ibm.com
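
An added example, not part of the thread or of the proposed patches: a shell check an administrator could run to see which files in a pppd peers directory turn authentication off, since pppd accepts privileged options such as noauth from those files for any user who may run "pppd call <name>". The sample directory and every file name in it except kppp-options are constructed, and the parser assumes plain whitespace-separated options with "#" comments.

```shell
#!/bin/sh
# Added example (not from the thread): report pppd peer files that switch
# authentication off. Assumption: simple option files, words separated by
# whitespace, "#" starting a comment; quoted arguments are not handled.

# peers_with_noauth DIR: print the name of every file in DIR whose
# uncommented options include the exact word "noauth".
peers_with_noauth() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        if awk '{ sub(/#.*/, "")
                  for (i = 1; i <= NF; i++) if ($i == "noauth") hit = 1 }
                END { exit !hit }' "$f"; then
            basename "$f"
        fi
    done
}

# make_sample_peers: build a constructed peers directory and print its path.
make_sample_peers() {
    d=$(mktemp -d) || return 1
    printf 'noauth\n' > "$d/kppp-options"            # as proposed in the thread
    printf '#noauth\n' > "$d/kppp-options-safe"      # as suggested in the reply
    printf 'lock defaultroute noauth # isp\n' > "$d/provider"   # constructed
    printf 'auth\nname noauthuser\n' > "$d/office"   # constructed, must not match
    echo "$d"
}

# Demo on the constructed sample; on a real system pass /etc/ppp/peers.
sample=$(make_sample_peers)
peers_with_noauth "$sample"
rm -rf "$sample"
```

Each name it prints is a value that members of the group allowed to execute pppd can pass to "call".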


