Re: FW:Etc/ppp/pap-secret

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2010/1/23 Marvin Stodolsky <marvin.stodolsky@xxxxxxxxx>:
> Joshua,
>
> Re: you've given the file world access.
> Only for the first dialup to that particular IP server, as I didn't
> know what it wanted to write.
> Immediately after the writing to /etc/ppp/chap-secrets,
> I restored the original security settings.

Ah, I didn't notice that it was just for the one time. In that case,
the first connection could just have been made by root (sudo), who
obviously has the correct permissions and could thus modify the file.

Still, Samridh's permissions problem would not be fixed by following
the instructions in that email.

> On Fri, Jan 22, 2010 at 6:37 PM, Joshua Gordon Crawford
> <jgcrawford@xxxxxxxxx> wrote:
>> 2010/1/23 Marvin Stodolsky <marvin.stodolsky@xxxxxxxxx>:
>>> For a detailed explanation
>>> see http://linmodems.technion.ac.il/bigarch/archive-sixth/msg04656.html
>>
>> Marv, I've just looked at that email, and it's not quite the same
>> problem as Samridh is having. In that email, it seems you wanted a
>> normal user to be able to edit the file and dialout, whereas Samridh
>> needs to block normal users (world) from that file before he can
>> dialout.
>>
>> In fact, I'm a little surprised the steps you describe in that email
>> didn't change your error to his, as you've given the file world
>> access. I guess pppd wants different permissions on that file
>> depending if you're a normal user or root (sudo).
>>
>> In your case, a better (more secure) solution would have been to
>> modify the file's group and its group permissions. I.e., you probably
>> have a group named 'dialout'. Your user should be in that group (check
>> /etc/group; if you change it, logout and back in to effect the
>> change). You could then add the file to that group:
>> $ sudo chgrp dialout /etc/ppp/pap-secrets
>> And make the file group writable:
>> $ sudo chmod 660 /etc/ppp/pap-secrets    (or 'ug+rw' if you prefer,
>> but numbers are more absolute)
>> Now, any user in the dialout group can edit the file, and dial out as
>> well, without having to change permissions each time.
>>
>>> On Fri, Jan 22, 2010 at 5:36 PM, Joshua Gordon Crawford
>>> <jgcrawford@xxxxxxxxx> wrote:
>>>> 2010/1/23 Samridh adhikari <9038728323@xxxxxxxxx>:
>>>>>
>>>>> Halo i am using knoppix live cd..dial up error warning.../etc/ppp/pap-secret has world access..connection terminated..                Pls tell me the cure...               Sam
>>>>
>>>> $ sudo chmod 600 /etc/ppp/pap-secrets
>>>>
>>>> OR
>>>>
>>>> $ sudo chmod go-rwx /etc/pap-secrets
>>>>
>>>> Use 'man' (short for manual) to learn more about commands in linux.
>>>>
>>>> $ man chmod
>> --
>> Joshua Crawford ... http://geocities.com/mortarn
>>
>> http://www.rewardscentral.com.au/Join/Default.aspx?refer=mortarn
>> Be rewarded! Join RewardsCentral today!
>>
>



-- 
Joshua Crawford ... http://geocities.com/mortarn

http://www.rewardscentral.com.au/Join/Default.aspx?refer=mortarn
Be rewarded! Join RewardsCentral today!


[Index of Archives]     [Linux Media Development]     [Asterisk]     [DCCP]     [Netdev]     [X.org]     [Xfree86]     [Fedora Women]     [Linux USB]

  Powered by Linux