Re: ppp: invocation by users? and pppd dies - reports SIGHUP - why?

To: debian-user@Pixar.com
Subject: Re: ppp: invocation by users? and pppd dies - reports SIGHUP - why?
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
Date: Sat, 21 Oct 95 02:38 BST
Message-id: <[🔎] m0t6StY-0002aWC@chiark.chu.cam.ac.uk>

Philip Tuckey writes ("ppp: invocation by users? and pppd dies - reports SIGHUP - why?"):
> [...]          As I understand
> it, I can do this by chmod-ing the pppd binary to be suid, with root as
> the owner. For further security, I can create a group ppp, chown pppd to
> root.ppp, give only the group execute access to pppd, and add the relevant
> users to the group ppp. Finally, as the binary is in /usr/sbin, there is
> an aesthetic question about whether the users should include this in their
> path, or if I should make a link from /usr/local/bin/pppd (or something)
> to /usr/sbin/pppd. (I know diald exists, but I wanted to get a simple 
> solution working first.)

There is a problem with you simply changing the permissions on your
binary - they will get reset next time you install the package.

If this is a generally useful change then it should be made in the PPP
package (obviously).

If not, and in any case in the meantime, I think the best solution is
for you to create a setuid C wrapper.  `sudo' may provide facilities
to allow you to do this properly.

If `sudo' solves the problem more generally then perhaps the Debian
package should document this, and/or offer to modify sudo's
configuration in an appropriate and secure manner (this is something
that we're more likely to get right, I think, than arbitrary
sysadmins).

Ian.

Reply to:

Prev by Date: Re: Network trouble with netscape [was: backspace in netscape]
Next by Date: X options in XDM?
Previous by thread: Re: ppp: invocation by users?
Next by thread: Can I mount -t nfs to the Debian archive?
Index(es):
- Date
- Thread