[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Must pppd be run by root?

>>>>> "C" == Craig Sanders <cas@taz.net.au> writes:

C> I suppose that would do the job, but what if a sysadmin wants to
C> allow users to dial in using ppp, but NOT allow them to dialout
C> with minicom or send faxes?

C> I'm absolutely certain that I wouldn't want to add users to a
C> dialout group just to let them dial in with a ppp account.

If you're going to do something, ppp/slip seem sufficiently different
to warrant their own group.  Something like
transient-network-connection (but shorter :> ).  

I'm still not sure that ppp will really work properly when run by
someone other than root (unless it's suid root) if you want to use the
"default" option that makes the routing changes automatically when the
connection goes up and down.  Even if you handle the routing outside
the call to pppd, you'll still have to do the routing as root, so I
don't see what trying to get pppd to be runnable by non-root users
buys you.

I still think that sudo's the best solution, but I probably just don't
understand the situation well enough.


Reply to: