Configuring the Serial Line Internet Protocol (SLIP)

Running slattach for users other than root

The slattach command allows you to specify the local and remote IP addresses on the command line and to turn on proxy-ARP. As an unscrupulous user could use these features to intercept network traffic, ordinary users are prevented from using this command by the permissions and ownership set on slattach. Only root and users in the group network (with group ID 10) can run slattach. In this way, root can set up accounts for dial-in access by SLIP provided that they are in the network group. For instructions on how to add a user to a group, see ``Changing a user's group membership''.

NOTE: You cannot use the scoadmin Account Manager to add a dial-in SLIP user to the network group. You must edit /etc/group instead. For example, the following entry from /etc/group defines the users network and nslip as members of the network group:

   network::10:network,nslip

NOTE: Because slattach is a setuid program, a user must have the execsuid kernel privilege to be able to run it. If the system is operating with a High or Improved security profile, users do not have the execsuid kernel privilege by default. root can assign this privilege using the scoadmin(ADM) Account Manager. For instructions on how to change a user's kernel privileges, see ``Changing system privileges''.

NOTE: Only root can kill the slattach process to remove a SLIP interface. Additionally, only root can remove the associated route from the routing table.