General Security Considerations
A misconfigured PPP daemon can be a devastating security breach. It can be as bad as letting anyone plug their machine into your Ethernet (and that can be very bad). In this section, we discuss a few measures that should make your PPP configuration safe.
Note
Root privilege is required to configure the network device and routing table. You will usually solve this by running pppd setuid root. However, pppd allows users to set various security-relevant options.
To protect against any attacks a user may launch by manipulating
pppd options, you should set a couple of
default values in the global /etc/ppp/options
file, like those shown in the sample file in Section 8.3,” earlier in this chapter. Some of them, such as the
authentication options, cannot be overridden by the user, and thus
provide reasonable protection against manipulations. An important
option to protect is the connect
option. If you intend to allow
non-root users to invoke pppd to connect to the
Internet, you should always add the connect
and
noauth
options to the global options file
/etc/ppp/options
.
If you fail to do this, users
will be able to execute arbitrary commands with
root
privileges by specifying the command as their
connect
command on the
pppd line or in their personal options file.
Another good idea is to restrict which users may execute
pppd by creating a group in /etc/group
and adding only those users who you wish to have the ability to execute the PPP daemon. You should ...
Get Linux Network Administrator's Guide, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.