Quoting Jed Strauss ([EMAIL PROTECTED]): > On Fri, Mar 23, 2001 at 07:10:27AM -0500, Barry Mathieu wrote: > > I do get some warning at connection time: > > > > --> PPP negotiation detected. > > --> Warning: Could not modify /etc/ppp/pap-secrets: Permission denied > > --> --> PAP (Password Authentication Protocol) may be flaky. > > --> Warning: Could not modify /etc/ppp/chap-secrets: Permission denied > > --> --> CHAP (Challenge Handshake) may be flaky. > > --> Starting pppd at Fri Mar 23 06:35:28 2001 > > > > But the connection works!
Well those error messages look encouraging. If wvdial is running as an ordinary user, it should not be able to, nor should it need to, modify those files. > If your ISP uses PAP/CHAP or you just want to get rid of the error > messages, chmod 660 /etc/ppp/*-secrets. I use this same method. Does > anyone know if this is a security risk? Whether it makes any difference or not, this is a Bad Thing: $ strings /usr/sbin/pppd | grep "\- secret file" Warning - secret file %s has world and/or group access If it makes any difference, then it's a security risk because obviously the group owner of your files is not root (which it should be). $ ls -l /etc/ppp/*secrets -rw------- 1 root root 2296 May 15 2000 /etc/ppp/chap-secrets -rw------- 1 root root 1524 Oct 19 1998 /etc/ppp/pap-secrets is correct. Cheers, -- Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151 Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA Disclaimer: These addresses are only for reaching me, and do not signify official stationery. Views expressed here are either my own or plagiarised.