Re: agrsm048 successful connection on 2.6.33, and update for 2.6.31

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Keneth,
English is not my native language.
Thus what I meanr clearly did not make its way and I apologize for that.
My message is that wvdial is built and delivered to be run as root (su , sudo, root login, your choice) for a very good reason: changing file permissions specially on the modem device (for example /dev/modem or whatever you use) opens your computer, using your connection for invasion, to hackers penetrating the system area through the modem device port. My message is, that methods to work around the root protection indeed exist, but they expose the computer to risk. There unfortunately do not exist any trick to convince people not to take risks, until the day they will for example have lost a disk (compare with smoking and the risk of lung cancer, if I still am not clear). I feel it as a social duty to explain this point when methods are spread among unaware users, for the sole purpose of saving the typing of one password when dialling out.

Jacques


Keneth W Jones wrote:
Jacques,

I believe Joshua answered WHY the issue rises when he stated the
following:

"Wvdial can't hand over to pppd as a normal user. You need to run wvdial
as root or with sudo."

I was trying to determine if the solution of allowing only members of
the dip group to dial-out was a feasible workaround to the security
issue you raised in your reply.  (Please note that my Ubuntu 8.04.4 LTS
upgraded from Ubuntu 6.06 LTS was pre-setup in this manner).
I guess that even though the dip group reduces the number of users
having access to the Internet via dial-up, it still employs the use of
setuid on pppd; thus, is still a security issue due to pppd being
executed with the rights of root via setuid.
Regards,

Ken

On Fri, 2010-03-26 at 08:05 +0300, Jacques Goldberg wrote:
Sure, Keneth, but may I suggest to always quote WHY the issue rises in addition to how to "solve" it? A major security risk of a remote hacker penetrating the system if wvdial/ppp is not running as super-user.

Jacques

eneth W Jones wrote:
Joshua,

To resolve the issue of running /usr/sbin/pppd (via wvdial or Gnome PPP)
as a non-sudo/regular user...is there anything wrong with doing the
following:

First,

Check to see if the group called dip exists on your system:

$ cat /etc/group | grep "dip"
dip:x:30:hjones

Per the above, the dip group exists on my system, and my USERNAME hjones
is a member of this group.
If the dip group exists, but your USERNAME is not included in the dip
group run the following command:

$ sudo gpasswd -a USERNAME dip


However; more than likely you will need to create the dip group, and add
your USERNAME to the dip group. So...
Second,

$ sudo groupadd -g 30 dip
$ sudo gpasswd -a USERNAME dip

As a result, the file /etc/group will be updated with a line; e.g.,
dip:x:30:<USERNAME>

Third,

Set the group and permissions on /usr/sbin/pppd file so that any member
of the dip group can execute /usr/sbin/pppd.

$ sudo chgrp dip /usr/sbin/pppd
$ sudo chmod u+s,o= /usr/sbin/pppd

.....

Nick, FYI the wvdial program uses the /etc/wvdial.conf for its
configuration setting file which you already know.
However, you may not know that Gnome PPP (the graphical front-end for
wvdial) uses a separate /home/USERNAME/.wvdial.conf for its
configuration setting file.
So, if you're using Gnome PPP you need to be looking at .wvdial.conf in
your home directory (BTW: the dot before wvdial.conf means the file is
hidden in case you didn't know) to see what settings are in effect for
pppd.
On Thu, 2010-03-25 at 09:20 +1100, Joshua Gordon Crawford wrote:
On 25 March 2010 09:16, Nick <soapduk@xxxxxxxxx> wrote:
Hi Joshua and list,

I feel a little silly right about now, but also optimistic at the same time...

You see, I was just reading a Ubuntu forum about the carrier check
issue and there someone asked if certain settings were on/off in
Gnome-PPP. Since I was using PPP I decided to have a look for such
settings, and there I saw the Carrier Check box ticked, even though I
had set it to off in wvdial.conf. Obviously PPP was overriding or
bypassing that option in wvdial. This is my mistake and I should have
mentioned I was using PPP.

This is what now happens when I dial-up:

--> WvDial: Internet dialer version 1.60
--> Initializing modem.
--> Sending: ATZ
ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Modem initialized.
--> Sending: ATM1L3DT086700006
--> Waiting for carrier.
ATM1L3DT086700006
CONNECT 50666 V44
--> Carrier detected.  Waiting for prompt.
** Lucent APX Terminal Server **
Login:
--> Carrier detected.  Starting PPP immediately.
--> Unable to run /usr/sbin/pppd.
--> Check permissions, or specify a "PPPD Path" option in wvdial.conf.
Wvdial can't hand over to pppd as a normal user. You need to run
wvdial as root or with sudo.

** Lucent APX Terminal Server **
Login: Idle Timeout--> Looks like a login prompt.
--> Sending: USERNAME
USERNAME
Password:
--> Looks like a password prompt.
--> Sending: (password)
    L2TP: Starting session
    Primary server '203.97.60.34'
~[7f]}#@!}!}!} }8}"}&} }*} } }#}$@#}%}&i[12]>P}'}"}(}"Ck~
--> PPP negotiation detected.
--> Unable to run /usr/sbin/pppd.
--> Check permissions, or specify a "PPPD Path" option in wvdial.conf.
~[7f]}#@!}!}"} }8}"}&} }*} } }#}$@#}%}&i[12]>P}'}"}(}" y~

And then it keeps repeating those bottom 4 lines over and over.

If I try stupid mode it or a combination of the two it only says this:

--> WvDial: Internet dialer version 1.60
--> Initializing modem.
--> Sending: ATZ
ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Modem initialized.
--> Sending: ATM1L3DT086700006
--> Waiting for carrier.
ATM1L3DT086700006
CONNECT 50666 V44
--> Carrier detected.  Starting PPP immediately.
--> Unable to run /usr/sbin/pppd.
--> Check permissions, or specify a "PPPD Path" option in wvdial.conf.
** Lucent APX Terminal Server **
Login: Idle Timeout

As for noise the phone line sounds crystal clear. I tried pulling out
the ADSL from the phone line but it's the same result.

I don't know what a PPPD Path option is. If anyone has any clues as to
whereabouts to go from here I would be grateful.
Looks good from here on. Just the permissions issue with pppd.

Regards

Nick

On Wed, Mar 24, 2010 at 16:26, Joshua Gordon Crawford
<jgcrawford@xxxxxxxxx> wrote:
On 23 March 2010 06:53, Nick <soapduk@xxxxxxxxx> wrote:
Hi Joshua,

Sorry for my late reply,

On Fri, Mar 19, 2010 at 00:16, Joshua Gordon Crawford
<jgcrawford@xxxxxxxxx> wrote:
It seems at this point that the driver is working correctly, and we're
left with a line quality issue.

When you use the phone on that line, does it sound noisy (crackly,
windy, etc)? Are there other phones or devices connected to the line,
in other rooms, etc? Can you test with a different line, e.g. at a
friend's house?

Is the modem new or used? I had to replace a modem a few years back
because _it_ had become noisy and couldn't hold the carrier.
The modem isn't new, but it would have been new when this computer was
purchased. Is there a way to find out if this one has become noisy?
You might  be able to hear it when the modem dials.

No the line doesn't sound noisy. I had my ADSL and another phone
plugged into the same jack, which I have now removed, but I'm still
getting the errors. In fact, I've just removed all the devices in the
house connected. Actually there is an alarm here that connects to the
phone line - don't know if that affects it, or how to disconnect it. I
haven't tried a friend's house but will see if I can do that.
Any other device on the line could be causing some noise. I don't know
how ADSL filtering might affect 56k modems.

it looks as though there is another error here, the Login x3 and
Password Idle Timeout:

ATM1L3DT086700006
CONNECT 50666 V44
--> Carrier detected.  Waiting for prompt.
--> Connected, but carrier signal lost!  Retrying...
--> Sending: ATM1L3DT086700006
--> Waiting for carrier.
** Lucent APX Terminal Server **
Login:
Login:
Login:
Login: ATM1L3DT086700006
Password: Idle Timeout
--> Timed out while dialing.  Trying again.
--> Sending: ATM1L3DT086700006
--> Waiting for carrier.
NO CARRIER
ATM1L3DT086700006
--> No Carrier!  Trying again.
--> Sending: ATM1L3DT086700006
--> Waiting for carrier.
NO CARRIER
ATM1L3DT086700006
--> No Carrier!  Trying again.
--> Maximum Attempts Exceeded..Aborting!!
--> Disconnecting at Tue Mar 23 08:39:03 2010

or does that relate to the existing 'No Carrier' problem?
Yes. Wvdial tries to dial again when the ISP is waiting for a
password. The "Carrier Check = No" option  is supposed to handle that.

If you can, test the modem in Windows and see what its log says.

A slightly off-topic question: I note that the modem wasn't detected
when I rebooted just now. Is it advisable to run wvdialconf as a
startup 'script'?
The driver needs to be loaded after each reboot, and the symlink
created. For now you can do that manually by running agrsm-test, but
later it can be automated.

Quoting agrsm_howto.txt (in the source directory):

Automation - Do NOT do this until full functionality of the modem is
achieved, or testing the issues will be confused. The following SINGLE LINE
can be added (depending upon your Linux distro) to /etc/modprobe.conf or
(Debian/Ubuntu) a file with folder /etc/modprobe.d/, perhaps
       /etc/modprobe.d/agrsm.conf

install agrserial modprobe --ignore-install agrmodem ; modprobe
--ignore-install agrserial ; test -e /dev/ttyAGS3 ; ln -s /dev/ttyAGS3
/dev/ttySAGR ; ln -s /dev/ttyAGS3 /dev/modem

<end quote>

The howto then implies you need to modprobe agrserial manually each
time you boot, but that can also be done automatically, by adding
agrserial to /etc/modules.
OK, thanks.

Nick

--
Joshua Crawford ... http://geocities.com/mortarn

http://www.rewardscentral.com.au/Join/Default.aspx?refer=mortarn
Be rewarded! Join RewardsCentral today!

--
Joshua Crawford ... http://geocities.com/mortarn

http://www.rewardscentral.com.au/Join/Default.aspx?refer=mortarn
Be rewarded! Join RewardsCentral today!



[Index of Archives]     [Linux Media Development]     [Asterisk]     [DCCP]     [Netdev]     [X.org]     [Xfree86]     [Fedora Women]     [Linux USB]

  Powered by Linux