[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#4673: ppp insecure

Christoph Lameter:
> [Ian Jackson:]
> >with these security considerations in mind.  On two of my systems a
> >user who can run pppd can break root.
> How?

Because I use ppp as part of a supposedly-secure tunnel between two
machines so that I can do remote admin.  If users can invoke pppd they
can probably gain control of an IP# that my security configuration
thinks is in the protected, secure space.

> Even the dip solution is a big problem for us here. We have to put 750
> users into the dip group to make it work.

You didn't really need to do this.  You could, for example, have made
your own setuid wrapper.


TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to: