On Tue, Jun 01, 1999 at 04:33:50PM -0500, John Hasler wrote > Robert writes: > > Is it [/etc/ppp being root.root] a bug? > > Yes. It should be root.dip . > > > Seems like the default for allowing a ppp dial out would be up to the > > admin and not users? > > It is. The admin decides which users to put in the dip group. >
Maybe things have changed since I installed PPP, but on my home system /etc/ppp is owned root:root and has permissions 700. Users who are in the dip group can use PPP, because pppd is owned root:dip and has permissions 4754 (suid root, executable by group). Having /etc/ppp owned by root:dip and group readable is, in my opinion, bad. Setting it up that way allows any user that you trust to use *any* PPP account to read stuff in /etc/ppp, which may include stuff you don't want them to see (like pap-secrets). On a single-user machine it's not so bad, but unless things have changed since 2.2.5-3 it is unnecessary and potentially dangerous. John P. -- [EMAIL PROTECTED] [EMAIL PROTECTED] "Oh - I - you know - my job is to fear everything." - Bill Gates in Denmark
