Bugtraq mailing list archives
Re: Wvdial insecure conf?
From: Stefan Riegelnik <sriegelnik () netway at>
Date: Thu, 2 Aug 2001 02:22:40 +0200 (CEST)
On Wed, 1 Aug 2001, Qlo wrote:
I've compiled and installed wvdial (a dialer for dial up connection) and the program wvdialconf generate a file called wvdial.conf. In this file : AT strings, username, pass and another setting like /etc/ppp/options. But now the problem, with ls -l -rw-r--r-- 1 root root 335 Aug 1 18:21 wvdial.conf
I do not think so - I think it depends on the permissions of the wvdial.conf, as [from the man-page of wvdialconf] It is safe to run wvdialconf if a configuration file already exists. In that case, only the Modem, Baud, Init, and Init2 options are changed in the [Dialer Defaults] section, and only if autodetection is successful. and root@wnerie /etc# ls -l wvdial.conf -rw------- 1 root root 300 Aug 2 02:08 /etc/wvdial.conf root@wnerie /etc# wvdialconf /etc/wvdial.conf Scanning your serial ports for a modem. [...snipp...] root@wnerie /etc# ls -l wvdial.conf -rw------- 1 root root 300 Aug 2 02:10 wvdial.conf If the file does not exist, the permissions of the file created are 600 root@wnerie /# wvdialconf /tmp/testbuq [...snipp...] root@wnerie /tmp# ls -al testbuq -rw------- 1 root root 205 Aug 2 02:07 testbuq root@wnerie /tmp# cat testbuq [ Tested on Redhat 6.0, 2.2.19, WvDial 1.41 ] Regards, Stefan -- stefan riegelnik mailto:sriegelnik () netway at Whatever occurs from love is always beyond good and evil. -- Friedrich Nietzsche
Current thread:
- Wvdial insecure conf? Qlo (Aug 01)
- Re: Wvdial insecure conf? Stefan Riegelnik (Aug 01)
- <Possible follow-ups>
- RE: Wvdial insecure conf? Black, Braden (Aug 02)