[893] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] dip

daemon@ATHENA.MIT.EDU (John Betts)
Wed Jul 10 18:35:02 1996

From: John Betts <johnb@aztec.co.za>
To: jordy@thirdwave.net (Jordy)
Date: Wed, 10 Jul 1996 19:20:34 +0200 (SAT)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.BSI.3.91.960709234912.21750A-100000-100000@aloha.com> from "Jordy" at Jul 9, 96 11:53:35 pm
Reply-to: johnb@aztec.co.za

% actually, dip does need to be setuid because it modifies the routing tables.
% 
forgive me if I am missing something here....

but, why would you want non-root users to make network connections and
make changes to routing tables?

Simple solution is to chmod -s dip, and only run it as root.

Do you _really_ want any 'ol luser on your system to dial out
and do funny things with your modem?

I think there should be a comms group, at least, in which only
users in that group may use _any_ communications device...

I dont like the fact that by default any 'ol luser can use my modem...
what about you folk?  Should this defacto standard be changed?

ciao

--
John

--
John Betts, Aztec Internet Services Port Elizabeth, South Africa
johnb@aztec.co.za,  Tel. +27(0)41 303 475, Fax. +27(0)41 301 052
The world is complex.  The Sendmail configuration reflects this.

home help back first fref pref prev next nref lref last post