Re: Must pppd be run by root?
On Mon, 13 May 1996, Richard Kettlewell wrote:
> > This permissions problem just cost me over $44 (australian dollars).
> > I upgraded pppd on the dialin machine at work on Friday night.
> > Forgot to change the permissions on pppd to make it owned by
> > root.ppp, perms=1750.
> > When the line dropped out from my home machine to my work machine at
> > 5am the next morning, my home system automatically dialed in
> Under the control of what user? Why not root?
On my machine at home, the ppp startup script ran out of root's crontab.
On the machine at work, the pppd fired up by my ppplogin script ran, of
course, under the uid of my home machine's account. Not being root, it
didn't have the right permissions to run pppd so the session died...and
got started up again 2 minutes later. and 2 minutes after that. and again
2 minutes later. etc etc etc. $44 worth of calls.
The ppp package should have a 'ppp' group, pppd should be owned by
root.ppp and it should be mode 1750.
That will, by default, give the same security protection as the current
setup PLUS the added flexibility of allowing the sysadmin to easily add
user accounts to the ppp group.