Date: Fri, 16 Aug 1996 10:18:42 -0600 (MDT)
From: Nate Williams <nate@mt.sri.com>
To: Mike Newell <mnewell@kaizen.net>
Cc: Nate Williams <nate@mt.sri.com>, hackers@freefall.freebsd.org
Subject: Re: Routed supports variable-length netmasks?
Message-ID: <199608161618.KAA06691@rocky.mt.sri.com>
In-Reply-To: <Pine.SGI.3.95.960816113405.11933C-100000@dada.kaizen.net>
References: <199608161532.JAA06486@rocky.mt.sri.com> <Pine.SGI.3.95.960816113405.11933C-100000@dada.kaizen.net>

Mike Newell writes:
> On Fri, 16 Aug 1996, Nate Williams wrote:
>
> > /etc/ppp/ip-up and /etc/ppp/ip-down are run as root, no matter who the
> > login user is.  This also means you must be careful what you put in
> > there, but since the environment is safeguarded pretty well it would be
> > hard to break into a system via them.
>
> Well, in my case they didn't work.  So I added lines of the form:
>
>     route add ...... >> /var/log/ip-up.log 2>&1
>
> and found routed was complaining that routes can only be changed by root.
> Reading the man page for pppd, it specifically says:
>
>     /etc/ppp/ip-up
>
>         ... snip ...
>
>         This program or script is executed with the same
>         real and effective user-ID as pppd, that is, at
>         least the effective user-ID and possibly the real
>         user-ID will be root.  This is so that it can be
>         used to manipulate routes, run privileged daemons
>         (e.g. sendmail), etc.  Be careful that the contents
>         of the /etc/ppp/ip-up and /etc/ppp/ip-down
>         scripts do not compromise your system's security.
>
> I'm not clear on how to interpret this, but apparently the _real_ UID is
> root, but the _effective_ UID is that of the account used to invoke pppd.
> Route appears to check the effective UID, so it refuses to do its thing.
> Setting the script SUID has no effect.  Neither does adding the ppp login
> account to the "wheel" group. :-(

Hmm, pppd on my box is as follows, which may be a security problem.

ns:/usr/src/sbin/ipfw # ls -al /usr/sbin/pppd
-r-sr-xr-x  1 root  bin  69632 Jun 27 18:45 /usr/sbin/pppd*

This is the same as I was doing in 2.1.

Nate
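
Added example, not part of the original message or of pppd: a small sh audit for the files discussed above, checking that /etc/ppp/ip-up and /etc/ppp/ip-down (and their directory) are root-owned and not group- or world-writable, and reporting whether pppd carries the setuid bit seen in the listing. The function names and the optional OWNER_UID argument are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the original message. OWNER_UID is an assumed extra
# argument (default 0 = root) so the check can be tried on scratch files.

# audit_root_script PATH [OWNER_UID]
# Returns 0 if PATH is owned by OWNER_UID and not group/world writable,
# 1 if there is a finding, 2 if PATH cannot be examined.
audit_root_script() {
    path=$1
    want_uid=${2:-0}
    # -L follows symlinks, -n prints the numeric owner in field 3
    info=$(ls -ldnL "$path" 2>/dev/null) || { echo "$path: missing"; return 2; }
    mode=${info%% *}
    uid=$(printf '%s\n' "$info" | awk '{print $3}')
    rc=0
    [ "$uid" = "$want_uid" ] || { echo "$path: owner uid $uid, expected $want_uid"; rc=1; }
    # Mode string layout: type, then rwx for owner, group, other.
    case $mode in ?????w*) echo "$path: group-writable ($mode)"; rc=1 ;; esac
    case $mode in ????????w*) echo "$path: world-writable ($mode)"; rc=1 ;; esac
    return $rc
}

# is_setuid PATH: returns 0 when the mode string has s/S in the owner-execute
# slot, as in the "-r-sr-xr-x" listing quoted in the message.
is_setuid() {
    m=$(ls -ldnL "$1" 2>/dev/null) || return 2
    case ${m%% *} in ???[sS]*) return 0 ;; *) return 1 ;; esac
}

# Paths below are the ones named in the thread.
for f in /etc/ppp /etc/ppp/ip-up /etc/ppp/ip-down; do
    audit_root_script "$f" || true
done
if is_setuid /usr/sbin/pppd; then
    echo "/usr/sbin/pppd: setuid bit set"
fi
```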