Re: PPP as normal user
*- Martin Bialasinski wrote about "Re: PPP as normal user"
|
| >> "s" == servis <servis@purdue.edu> writes:
|
| s> | /etc/chatscripts/provider:
| s> | -rw-r----- 1 root dip 512 Aug 14 22:29 provider
| s> ^^^^
| s> BINGO! I found that the group read bit was not on on this file.
| s> Changed that and I am a happy camper now. In fact I just dialed in to
| s> send this mail using my user account.
|
| But this is strange. pppd is setuid root. So it should be able to
| read any file, right?
|
I would think, do group permissions prevail in such a case? I could
never keep all this straight, as I have never read a definitive source
on file permissions (my fault I guess).
As a review this is the chain of files getting called on my system by
user servis to start the ppp connection using pon.
% ls -l /usr/bin/pon
1 -rwxr-xr-x 1 root dip 45 Jun 18 19:58 /usr/bin/pon*
% ls -l /usr/sbin/pppd
105 -rwsr-xr-- 1 root dip 105532 Jun 18 19:59 /usr/sbin/pppd*
Should the process be root id, dip id, or servis id?
% ls -dl /etc/ppp
1 drwxr-xr-x 6 root dip 1024 Aug 26 15:31 /etc/ppp/
% ls -dl /etc/ppp/peers
1 drwxr-xr-x 2 root dip 1024 Jul 27 20:05 /etc/ppp/peers/
% ls -l /etc/ppp/peers/provider
1 -rw-r----- 1 root dip 671 Jul 27 20:05 /etc/ppp/peers/provider
% ls -dl /etc/chatscripts
1 drwxr-x--- 2 root dip 1024 Jul 9 20:50 /etc/chatscripts/
I had to change the following to g+r for it to work, this indicates
that it was running as dip id.
% ls -l /etc/chatscripts/provider
1 -rwxr----- 1 root dip 170 Jul 9 20:50 /etc/chatscripts/provider*
But this writes it as group servis.
% ls -l /var/run/ppp0.pid
1 -rw-r--r-- 1 root servis 5 Aug 27 10:18 /var/run/ppp0.pid
and is running as root
% ps auw | grep pppd | grep -v grep
root 5338 0.0 0.5 1140 524 S3 S 10:16 0:00 /usr/sbin/pppd call provider
poff is just a shell script that will call the kill command. I haven't
tried killing pppd from servis since this has worked. It will take me
about an hour to get through the busy lines. Will this be able to kill
the root process?
% ls -l /usr/bin/poff
2 -rwxr-xr-x 1 root dip 1511 Jun 18 19:58 /usr/bin/poff*
Am I way off base? It seems to work, but it isn't super clear to me
why.
--
Brian
---------------------------------------------------------------------
"Never criticize anybody until you have walked a mile in their shoes,
because by that time you will be a mile away and have their shoes."
- unknown
Mechanical Engineering servis@purdue.edu
Purdue University http://www.ecn.purdue.edu/~servis
---------------------------------------------------------------------
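
An added example, not part of the original message: the classic Unix permission check (exactly one of the owner, group, or other classes applies, and root bypasses read checks) run over the listings quoted above, along with the real and effective user of a process started from a setuid file. It assumes user servis is a member of group dip, that the chat script had no group bits before the change (that line is constructed), and that the file is read under the caller's own uid and groups; the function names are hypothetical.

```python
# Added example: classic Unix permission check applied to listings from the
# message. Group membership and the "before" chat-script mode are assumptions.

def parse_ls(line):
    """Return (mode, owner, group, path) from an 'ls -l' or 'ls -ls' line."""
    f = line.split()
    if f[0].isdigit():                 # block-count column printed by 'ls -s'
        f = f[1:]
    return f[0], f[2], f[3], f[-1].rstrip("*/")   # drop 'ls -F' markers

def allowed(mode, owner, group, user, groups, perm):
    """Exactly one class is consulted: owner, else group, else other."""
    col = "rwx".index(perm)
    if user == "root":                 # root bypasses r/w; x needs some x bit
        return perm != "x" or any(mode[i] in "xst" for i in (3, 6, 9))
    if user == owner:
        bits = mode[1:4]
    elif group in groups:
        bits = mode[4:7]
    else:
        bits = mode[7:10]
    # lowercase s/t in the x column means "x plus setuid/setgid/sticky"
    return bits[col] == perm or (perm == "x" and bits[col] in "st")

def ids_after_exec(mode, owner, user):
    """(real user, effective user) of a process 'user' starts from this file."""
    return (user, owner if mode[3] in "sS" else user)

PPPD = "105 -rwsr-xr-- 1 root dip 105532 Jun 18 19:59 /usr/sbin/pppd*"
CHAT_AFTER = "1 -rwxr----- 1 root dip 170 Jul 9 20:50 /etc/chatscripts/provider*"
# Constructed: the message does not show the mode before the g+r change.
CHAT_BEFORE = "1 -rwx------ 1 root dip 170 Jul 9 20:50 /etc/chatscripts/provider*"

USER, GROUPS = "servis", {"servis", "dip"}   # assumed group membership

def report():
    out = {}
    mode, owner, group, _ = parse_ls(PPPD)
    out["may_exec_pppd"] = allowed(mode, owner, group, USER, GROUPS, "x")
    out["pppd_ids"] = ids_after_exec(mode, owner, USER)
    for name, line in (("before", CHAT_BEFORE), ("after", CHAT_AFTER)):
        mode, owner, group, _ = parse_ls(line)
        out[name] = {who: allowed(mode, owner, group, who, GROUPS, "r")
                     for who in ("root", USER)}
    return out

if __name__ == "__main__":
    print(report())
```

A read attempted with effective uid root succeeds under both modes, so a failure that the group read bit cures is consistent with the read being made under the caller's uid and groups.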