what i am trying to say is .. if some intruder gets to see my password of the dial up account. since wvdial.conf is stored in text format. (and so are the passwords) :)
linuxers@mm.ilug-bom.org.in wrote:
i want to know how to restrict hackers, crackers,external users etc.
from accessing my wvdial.conf file.
chmod 000 wvdial.conf
Wo - Why keep the file then?? :) I believe this wud allow the file to become as good as deleted... Except of course that u can change permissions later,when u (obviously) cant do chmod with a deleted file... Bye, Surya __ __ |__ |__| |/ __|urya |rakash |\ompalli
Email - kompalli@cse.buffalo.edu Phone - Home - (716) 862 0366 - Work - (716) 645 6164 X 519 Website - http://www.ksuryap.freeservers.com
_______________________________________________ http://mm.ilug-bom.org.in/mailman/listinfo/linuxers
Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com
Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in
On Fri, 15 Feb 2002, akshaysalkar wrote:
what i am trying to say is .. if some intruder gets to see my password of the dial up account. since wvdial.conf is stored in text format. (and so are the passwords) :)
so make the wvdial.conf file readable only by root. That way, only root (or someone who has gained root access) can read the file.
If your system is open to the extent that anyone can easily gain root access, then you've got bigger problems than just wvdial password.
Remember though, if the file is only readable by root, then wvdial needs to be run as root (setuid root will do).
Alternately, as I mentioned in my earlier mail, create a user and group for wvdial to run as, make it setuid that user, and make the file only readable by that user. Also, make your serial ports only rw by that user.
-
akshaysalkar -
Philip S Tellis