Fellow LugHeads, I have a box at home that I setup as a firewall & ppp dialer to my ISP. I made a cgi-bin bash script that allows me to dial out, turn off the connection, or shut down the machine. (I tried auto-dial/disconnect, but wanted more control) Getting the devices, programs and files setup with workable security(tty-port, pppd, scripts,..) was a challenge. My normal strategy has been to curse unix security, then go root and do whatever I darn please. But coming in through the Apache cgi script forced me to deal with security in something other than my brute force root fashion. My lack of unix security know-how quickly showed, I believe I just SUID various hardware(dev/ttyS#), programs(pppd,chat) and files(scripts, did I do bash? that would be sick, eh?) until it worked. Its a good thing there isn't a master switch to turn the whole system to ROOT, I would have thrown it. Any comments on do's and don'ts in a situation like this? I suppose I should learn how to setup and use group file settings. Heres a good read I found on those funny security bits: http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/features.html Any recommendations for good books to have on hand for this sort of thing? After reading a few of your tips can I claim to be a Security Expert? :-) Karl