summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2002-05-19 20:47:53 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2002-05-19 20:47:53 +0000
commit094831f5f1525b00b4970ee67b7eff11fe7d828f (patch)
tree8421f08e6c960bc981ca12f1f77cb70cb893d7d7
parentd4a5144b42a537d28be2bfc68f3e3cf0980ede7a (diff)
make pppd only executable by group network
-rw-r--r--usr.sbin/pppd/Makefile6
-rw-r--r--usr.sbin/pppd/pppd.85
2 files changed, 7 insertions, 4 deletions
diff --git a/usr.sbin/pppd/Makefile b/usr.sbin/pppd/Makefile
index 36f59d680dd..3cc505441c1 100644
--- a/usr.sbin/pppd/Makefile
+++ b/usr.sbin/pppd/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.14 1999/05/03 16:43:20 millert Exp $
+# $OpenBSD: Makefile,v 1.15 2002/05/19 20:47:52 deraadt Exp $
PCAPDIR=${.CURDIR}/../../lib/libpcap
@@ -9,9 +9,9 @@ SRCS= auth.c cbcp.c ccp.c chap.c chap_ms.c demand.c fsm.c ipcp.c \
.PATH: ${.CURDIR}/../../lib/libpcap ${.CURDIR}/../../sys/net
MAN= pppd.8
SUBDIR= pppstats chat
-BINMODE=4550
+BINMODE=4554
BINOWN= root
-BINGRP= dialer
+BINGRP= network
LDADD= -lpcap -lutil
DPADD= ${LIBPCAP} ${LIBUTIL}
diff --git a/usr.sbin/pppd/pppd.8 b/usr.sbin/pppd/pppd.8
index eb33f20571d..72e2a888091 100644
--- a/usr.sbin/pppd/pppd.8
+++ b/usr.sbin/pppd/pppd.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: pppd.8,v 1.21 2000/04/15 11:46:00 aaron Exp $
+.\" $OpenBSD: pppd.8,v 1.22 2002/05/19 20:47:52 deraadt Exp $
.\" manual page [] for pppd 2.3
.\" Id: pppd.8,v 1.27 1998/03/31 04:31:08 paulus Exp $
.\" SH section heading
@@ -662,6 +662,9 @@ A hash (#) starts a comment, which continues until the end of the
line. There is no restriction on using the \fIfile\fR or \fIcall\fR
options within an options file.
.SH SECURITY
+Users must be in group network to be able to use
+.I pppd.
+.LP
.I pppd
provides system administrators with sufficient access control that PPP
access to a server machine can be provided to legitimate users without