Very Computer

by **Santosh K.Putt** » Fri, 17 Jul 1998 04:00:00

Is there a way to start "PPP" without being root ?
Thanks in advance

Santosh

by **T. Douglas Ma** » Fri, 17 Jul 1998 04:00:00

Quote:> Give root setuid to pppd. chmod 4711.

Another option is to use sudo, which allows users to execute programs
as root. Each user can be allowed or denied permission to execute
specific programs as root. It also doesn't have the security risks
associated with suid root programs.

Doug.

by **Robert W. Castle** » Fri, 17 Jul 1998 04:00:00

Yes :-

chmod the pppd file to 4777.

That is what I did and it worked !!!!!!

Rgds,

Robert

>Is there a way to start "PPP" without being root ?
>Thanks in advance

>Santosh

by **Dean Co** » Fri, 17 Jul 1998 04:00:00

Very simple, try chmod +s /usr/sbin/pppd

also, any scripts need to be user executable.

Dean

by **Deyon Ki** » Sat, 18 Jul 1998 04:00:00

Give root setuid to pppd. chmod 4711.

by **Steven M. Harringt** » Sat, 18 Jul 1998 04:00:00

>Give root setuid to pppd. chmod 4711.

Generally not a good idea to make any program suid if it isn't designed
for it. Also, sudo is too much trouble. The easiest solution is to use
the suid program (by design) reported on by Phil Hughes in the Linux
Journal. I've included a ___MODIFIED___ copy with this post. If
you want the original - go to the LJ web site.

/* ppp.c -- PPP control by mortals by Phil Hughes
* -- 12-28-96 */
* Published May 1997
/*
* Call with one argument:
* on -- start PPP
* off -- stop PPP
* Install owned by root.
* If you want anyone to be able to run it, set
* permissions to 4711
* If you only want a set of users to be able to
* run it: chgrp it to the group that should be
* able to run it and set permissions to 4710
*/

#include <stdio.h>
#include <strings.h>

/* define strings for what needs to be run */
#define PPP_ON "/etc/ppp/ppp-on" /* turn PPP on */
#define PPP_OFF "/etc/ppp/ppp-off" /* turn PPP off */

/* just for safety, set a sane search path */
char *env[] = {
"PATH=/bin:/usr/bin:/usr/sbin/",
NULL};

int main(int argc, char *argv[])
{
/* must be called with an argument */
if (argc != 2)
{
fprintf(stderr,
"Usage: %s: {on|off}\n", argv[0]);
exit(1);
}

setuid(0); /* become root */
if (strcmp(argv[1], "on") == 0)
{
execle(PPP_ON, (const char *) NULL,
&env);
}
else if (strcmp(argv[1], "off") == 0)
{
execle(PPP_OFF, (const char *) NULL,
&env);
}
else
{
fprintf(stderr, "%s: invalid argument\n",
argv[0]);
exit(2);
}
}
--
Steve

by **Brian McCaule** » Sat, 18 Jul 1998 04:00:00

> > Give root setuid to pppd. chmod 4711.

> Another option is to use sudo, which allows users to execute programs
> as root. Each user can be allowed or denied permission to execute
> specific programs as root. It also doesn't have the security risks
> associated with suid root programs.

In this case pppd will think it's _really_ being run by root so it
will let the user do anything (including executing arbitrary commands
with root authority). This is only safe so long as sudo is configured
not to allow the user to specify any arguments to pppd.

--

. _\\__[oo from | Phones: +44 121 471 3789 (home)

. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://wcl-l.bham.ac.uk/~bam/

Very Computer

PPP without being root

PPP without being root

PPP without being root

PPP without being root

PPP without being root

PPP without being root

PPP without being root

PPP without being root