[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hiding all copies of your PPP password
Omer Zak <omerz@actcom.co.il> wrote:
> Well, the situation is that if you want to set up a PPP connection to
> your ISP, you must create /etc/ppp/pap-secrets and/or /etc/ppp/chap-secrets.
> Also, if you use chat (rather than dip) to help pppd get started, then you
> must
> write a chat script.
>
> The problem is that those files contain your password in clear text form.
> So if someone succeeds in breaking into your Linux system and gaining root
> privileges, then also your ISP account is open for him.
I someone breaks in your system as root, there is nothing you can prevent him
from. For example, he can modify pppd to email the password in the clear text to
@mailpush.com :)
Regards,
Evgeny
--
____________________________________________________________
/ Evgeny Stambulchik <fnevgeny@plasma-gate.weizmann.ac.il> \
/ Plasma Laboratory, Weizmann Institute of Science, Israel \ \
| Phone : (972)8-934-3610 == | == FAX : (972)8-934-3491 | |
| URL : http://plasma-gate.weizmann.ac.il/~fnevgeny/ | |
| Finger for PGP key >=====================================+ |
|______________________________________________________________|