LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Kppp

[ILUG] Kppp

Hunt, Bryan B.Hunt at emuse-tech.com
Mon Jun 17 16:57:09 IST 2002 

Theres one thing you can do ... without all that suid file nastieness 

change the file /etc/pam.d/kppp so it matches the following 

cut=
#%PAM-1.0M-1.0
auth    sufficient      /lib/security/pam_rootok.so
#auth   required        /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_console.so
session optional        /lib/security/pam_xauth.so
#session        optional        /lib/security/pam_xauth.so
account required        /lib/security/pam_permit.so
=cut

You can be fancier once you have it working this way.

You will need to undo all that other stuff though.

For added security you may need to look at the documentation for 
pam_access.so

--B




-----Original Message-----
From: Gregory McRandal (ext 722) [mailto:Gregory.McRandal at fineos.com]
Sent: 17 June 2002 16:30
To: Irish Linux User's Group (E-mail)
Subject: [ILUG] Kppp


Hi,

I've managed to botch Kppp (KDE's internet dialler), btw I'm using KDE 3.0
and RH7.2.  Normally when a user runs it they are asked to enter the root
password to continue.  I wanted to have it not ask for the root password and
just work.  So, in accordance with KDEs advice, I created a group called
dialer containing all the users who should be allowed to use Kppp, and
called "chgrp root.dialer kppp" and then "chmod 4750 kppp". After doing this
kpp would not run as a user, It said the kppp was trying to setuid or setgid
and that GTk+ doesn't allow this.  So I called "chgrp root.root kppp" and
the same error persists. It works fine for root.

Gtk-WARNING **: This process is currently running setuid or
setgid.
This is not a supported use of GTK+. You must create a helper
program instead. For further details, see:
http://www.gtk.org/setuid.html
Refusing to initialize GTK+.


Any ideas?

Cheers,

Greg


**************************************************************************
The information contained in this e-mail is confidential,
may be privileged and is intended only for the use of the
recipient named above. If you are not the intended
recipient or a representative of the intended recipient,
you have received this e-mail in error and must not copy,
use or disclose the contents of this email to anybody
else. If you have received this e-mail in error, please
notify the sender immediately by return e-mail and
permanently delete the copy you received. This email has
been swept for computer viruses. However, you should
carry out your own virus checks.


Registered in Ireland, No. 205721. http://www.FINEOS.com
**************************************************************************


-- 
Irish Linux Users' Group: ilug at linux.ie
http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information.
List maintainer: listmaster at linux.ie

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell