From ac231ad858ed29b5fa70b2bd5d9297413dfaa427 Mon Sep 17 00:00:00 2001 From: brian Date: Wed, 31 Dec 1997 03:58:45 +0000 Subject: Suggest using /var/tmp for local domain `diagnostic' sockets, rather than making a new directory. Also, suggest 0600 permissions (mask: 0177). Dangers noted by: Theo de Raadt --- etc/ppp/ppp.conf.sample | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'etc/ppp') diff --git a/etc/ppp/ppp.conf.sample b/etc/ppp/ppp.conf.sample index 62bebdd..f7e276d 100644 --- a/etc/ppp/ppp.conf.sample +++ b/etc/ppp/ppp.conf.sample @@ -4,7 +4,7 @@ # # Originally written by Toshiharu OHNO # -# $Id: ppp.conf.sample,v 1.26 1997/12/27 07:22:10 brian Exp $ +# $Id: ppp.conf.sample,v 1.27 1997/12/30 23:34:35 brian Exp $ # ################################################################# @@ -116,13 +116,10 @@ examples: # # When in -auto, -ddial, -direct or -background mode, ppp can accept # control instructions from the ``pppctl'' program. First, you must -# set up your control socket. It's safest to use a UNIX domain socket -# and to keep these sockets in one place: -# # mkdir /var/ppp -# # chmod 1777 /var/ppp -# then create your socket there: +# set up your control socket. It's safest to use a UNIX domain socket, +# and watch the permissions: # - set server /var/ppp/internet 0660 + set server /var/tmp/internet 0177 # # Although a TCP port may be used if you want to allow control # connections from other machines: @@ -314,7 +311,7 @@ loop: set escape 0xff set ifaddr 127.0.0.2 127.0.0.3 set openmode passive - set server /tmp/loop "" + set server /var/tmp/loop "" 0177 loop-in: set timeout 0 -- cgit v1.1