From b749597298e46ba0918f9581e38a2979fe7858b6 Mon Sep 17 00:00:00 2001 From: brian Date: Fri, 5 Sep 1997 23:11:28 +0000 Subject: Insist that the user has group network. Discussed on: -committers --- usr.sbin/sliplogin/Makefile | 3 ++- usr.sbin/sliplogin/sliplogin.8 | 32 +++++++++++++++++--------------- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/usr.sbin/sliplogin/Makefile b/usr.sbin/sliplogin/Makefile index 2299e65..d8efa9b 100644 --- a/usr.sbin/sliplogin/Makefile +++ b/usr.sbin/sliplogin/Makefile @@ -3,7 +3,8 @@ PROG= sliplogin MAN8= sliplogin.8 BINOWN= root -BINMODE=4555 +BINGRP= network +BINMODE=4550 INSTALLFLAGS=-fschg .include diff --git a/usr.sbin/sliplogin/sliplogin.8 b/usr.sbin/sliplogin/sliplogin.8 index e336f6d..9d10175 100644 --- a/usr.sbin/sliplogin/sliplogin.8 +++ b/usr.sbin/sliplogin/sliplogin.8 @@ -38,7 +38,7 @@ .Nm sliplogin .Nd attach a serial line network interface .Sh SYNOPSIS -.Nm sliplogin +.Nm .Op Ar loginname Op Ar device .Sh DESCRIPTION .Nm Sliplogin @@ -102,7 +102,7 @@ entry, in order starting with .Pp Only the super-user may attach a network interface. The interface is automatically detached when the other end hangs up or the -.Nm sliplogin +.Nm process dies. If the kernel slip module has been configured for it, all routes through that interface will also disappear at the same time. If there is other processing a site @@ -161,7 +161,7 @@ and .It Ar keepalive Set SLIP "keep alive" timeout in seconds. If FRAME_END is not received in this amount of time, -.Nm sliplogin +.Nm closes the line and exits. The default value is no timeout (zero). .It Ar outfill 
@@ -181,11 +181,11 @@ If any of first two parameters is equal to zero, it will not affect the corresponding SLIP configuration. .Sh EXAMPLE The normal use of -.Nm sliplogin +.Nm is to create a .Pa /etc/passwd entry for each legal, remote slip site with -.Nm sliplogin +.Nm as the shell for that entry. E.g., .Bd -literal Sfoo:ikhuy6:2010:1:slip line to foo:/tmp:/usr/sbin/sliplogin @@ -212,19 +212,21 @@ to the local host name and is the local host IP netmask. .Pp Note that -.Nm sliplogin +.Nm must be setuid to root and, while not a security hole, moral defectives can use it to place terminal lines in an unusable state and/or deny access to legitimate users of a remote slip line. To prevent this, -a site can create a group, say -.Em slip , -that only the slip login accounts are put in then make sure that -.Pa /usr/sbin/sliplogin -is in group -.Em slip -and mode 4550 (setuid root, only group -.Em slip -can execute binary). +.Nm +is installed as user +.Em root , +group +.Em network +and mode 4550 so that only members of group +.Em network +may run +.Nm sliplogin . +The system administrator should make sure that all legitimate users +are a member of the correct group. .Sh DIAGNOSTICS .Nm Sliplogin logs various information to the system log daemon, -- cgit v1.1
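Review bot: In the usr.sbin/sliplogin/Makefile hunk, `BINGRP= network` assumes the group already exists on the system doing the install, yet the diffstat lists only the Makefile and sliplogin.8, so nothing visible here creates it. Please confirm that network is in the shipped group file before this goes in, because installing with an unknown group fails. The change from `BINMODE=4555` to `BINMODE=4550` also removes execute permission for everyone outside the group, so existing slip login accounts stop working after an upgrade until they are added to network; that deserves a sentence in the commit message or the upgrade notes.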
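Review bot: In the sliplogin.8 hunk at -181,11 the EXAMPLE passwd entry kept as context, `Sfoo:ikhuy6:2010:1:slip line to foo:/tmp:/usr/sbin/sliplogin`, is left with gid 1 and the page never says whether that gid is network. With the binary now mode 4550, an account outside group network cannot execute its own login shell, so an administrator who copies the example as written may end up with a login that fails. Suggest either using the gid of network in the example or adding a sentence there that the account must be listed as a member of network in the group file.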
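Review bot: The added text in the sliplogin.8 hunk at -212,19 ends with `.Nm sliplogin .`, while every other hunk in this patch replaces `.Nm sliplogin` with a bare `.Nm`; use `.Nm .` here to match. The closing sentence, "all legitimate users are a member of the correct group", should agree in number and name the group, for example "are members of group network" with the same `.Em network` markup used two lines earlier, so the reader does not have to infer which group is meant.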