X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fpppd.8;h=b4bbdb035e5798114657d896fd81bb7e0ad26bdb;hp=a4cd4c596aae311e840e5e57624465240fc30fba;hb=1fae28ce79350b03f0cf8a69ad06dd68637cd6b1;hpb=0875ace97fd7efe9a109a282a2f30c20872c78aa diff --git a/pppd/pppd.8 b/pppd/pppd.8 index a4cd4c5..b4bbdb0 100644 --- a/pppd/pppd.8 +++ b/pppd/pppd.8 @@ -1,5 +1,5 @@ .\" manual page [] for pppd 2.3 -.\" $Id: pppd.8,v 1.33 1999/03/03 00:52:08 paulus Exp $ +.\" $Id: pppd.8,v 1.34 1999/03/12 06:07:19 paulus Exp $ .\" SH section heading .\" SS subsection heading .\" LP paragraph @@ -36,7 +36,9 @@ Control Protocol, IPCP). Communicate over the named device. The string "/dev/" is prepended if necessary. If no device name is given, or if the name of the terminal connected to the standard input is given, pppd will use that terminal, -and will not fork to put itself in the background. +and will not fork to put itself in the background. A value for this +option from a privileged source cannot be overridden by a +non-privileged user. .TP .I Set the baud rate to (a decimal number). On systems such as @@ -73,8 +75,9 @@ is described below. .B connect \fIscript Use the executable or shell command specified by \fIscript\fR to set up the serial line. This script would typically use the chat(8) -program to dial the modem and start the remote ppp session. This -option is privileged if the \fInoauth\fR option is used. +program to dial the modem and start the remote ppp session. A value +for this option from a privileged source cannot be overridden by a +non-privileged user. .TP .B crtscts Use hardware flow control (i.e. RTS/CTS) to control the flow of @@ -112,8 +115,8 @@ Run the executable or shell command specified by \fIscript\fR after pppd has terminated the link. This script could, for example, issue commands to the modem to cause it to hang up if hardware modem control signals were not available. The disconnect script is not run if the -modem has already hung up. This option is privileged if the -\fInoauth\fR option is used. +modem has already hung up. A value for this option from a privileged +source cannot be overridden by a non-privileged user. .TP .B escape \fIxx,yy,... Specifies that certain characters should be escaped on transmission @@ -612,6 +615,13 @@ compression, and agree to compress transmitted frames with Predictor-1 if requested. This option has no effect unless the kernel driver supports Predictor-1 compression. .TP +.B privgroup \fIgroup-name +Allows members of group \fIgroup-name\fR to use privileged options. +This is a privileged option. Use of this option requires care as +there is no guarantee that members of \fIgroup-name\fR cannot use pppd +to become root themselves. Consider it equivalent to putting the +members of \fIgroup-name\fR in the kmem or disk group. +.TP .B proxyarp Add an entry to this system's ARP [Address Resolution Protocol] table with the IP address of the peer and the Ethernet address of this @@ -661,8 +671,8 @@ must be between 2 and 16 (inclusive). .B welcome \fIscript Run the executable or shell command specified by \fIscript\fR before initiating PPP negotiation, after the connect script (if any) has -completed. This option is privileged if the \fInoauth\fR option is -used. +completed. A value for this option from a privileged source cannot be +overridden by a non-privileged user. .TP .B xonxoff Use software flow control (i.e. XON/XOFF) to control the flow of data on