Hi, Previously I used exclusively the smpppd/kinternet combo, but now for a workstation having no X I configured wvdial, which works well. I saw, that the original access rights for its config-file are: triznya:/etc # ls -l wvdial.conf -rw-r----- 1 root dialout 328 Dec 5 21:36 wvdial.conf so in fact users being in the dialout group can read that file and have the chance to check e.g. the password written into it. Is this correct and would be another known way to save the password, but in the same time hide it somehow from the users? Another question, concerning wvdial, that I found no option where I could tell, that the dialing statistic/messages should go into a log file, not to stdin. Is there anyone out there having a working wvdial- logging setup?! I would guess, that if I redirect all output of the program into a file, I would lose the interactivity in its control... Thank you, Pelibali
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2005-12-07 at 12:42 +0100, pelibali wrote:
I saw, that the original access rights for its config-file are:
triznya:/etc # ls -l wvdial.conf -rw-r----- 1 root dialout 328 Dec 5 21:36 wvdial.conf
so in fact users being in the dialout group can read that file and have the chance to check e.g. the password written into it. Is this correct and would be another known way to save the password, but in the same time hide it somehow from the users?
I suppose that a user that must run wvdial, should have read access to that file. Mmm, no, rather wvdial should have read access to it. If this is not acceptable, see the man page: When wvdial starts, it first loads its configuration from /etc/wvdial.conf and ~/.wvdialrc which contains basic informa tion about the modem port, speed, and init string, along with information about your Internet Service Provider (ISP), such as the phone number, your username, and your password. In this way, you can move the ISP login/pass details to the user ~/.wvdialrc file; probably even root can have its own file also, and in this way the main one needs not have secrets. By the way, in SuSE 9.3 I had to make the binay SUID to be able to run it as user, not root. I did not need that in previous versions.
Another question, concerning wvdial, that I found no option where I could tell, that the dialing statistic/messages should go into a log file, not to stdin. Is there anyone out there having a working wvdial- logging setup?! I would guess, that if I redirect all output of the program into a file, I would lose the interactivity in its control...
You could redirect the output to "tee" and would not loose control. On the other hand, some info goes to /var/log/messages, and some other other info is accesible through /etc/ppp/ip-down.local, like bytes sent/received. I use an entry there to log that info: Dec 7 18:54:28 nimrodel ip-up.local: --> Up ppp0 /dev/ttyS1 115200 L: 81.41.201.171 R: 80.58.197.105 Par: Dec 7 19:05:47 nimrodel ip-down.local: --> Down ppp0 Recvd/Snt: 907925/161818 in 673 S. - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFDlzVitTMYHG2NR9URAktcAJ9Kq1B6PhilQtGZXeAlsXEIKwFzGQCfVvPv 3HVA6pFneaguWJzMooaGqgk= =I2H4 -----END PGP SIGNATURE-----
participants (2)
-
Carlos E. R.
-
pelibali