Because PPP needs to set up networking devices, change the kernel routing table and so forth, it requires root privileges to do this.
If users other than root are to set up PPP connections, the pppd program should be setuid root :-
-rwsr-xr-x 1 root root 95225 Jul 11 00:27 /usr/sbin/pppd
If /usr/sbin/pppd is not set up this way, then as root issue the command:-
chmod u+s /usr/sbin/pppd
What this does is make pppd run with root privileges even if the binary is run by an ordinary user. This allows a normal user to run pppd with the necessary privileges to set up the network interfaces and the kernel routing table.
Programs that run 'set uid root' are potential security holes and you should be extremely cautious about making programs 'suid root'. A number of programs (including pppd) have been carefully written to minimise the danger of running suid root, so you should be safe with this one (but no guarantees).
Depending on how you want your system to operate - specifically if you want ANY user on your system to be able to initiate a PPP link, you should make your ppp-on/off scripts world read/execute. (This is probably fine if your PC is used ONLY by you).
However, if you do NOT want just anyone to be able to start up a PPP connection (for example, your children have accounts on your Linux PC and you do not want them hooking into the Internet without your supervision), you will need to establish a PPP group (as root, edit /etc/group) and :-
-rwsr-x--- 1 root PPP 95225 Jul 11 00:27 /usr/sbin/pppd
-rwxr-x--- 1 root PPP 587 Mar 14 1995 /usr/sbin/ppp-on -rwxr-x--- 1 root PPP 631 Mar 14 1995 /usr/sbin/ppp-off
Even if you do this, ordinary users will STILL not be able to shut down
the link under software control! Running the
requires root privileges. However, any user can just turn off the modem
(or disconnect the telephone line from an internal modem).
An alternative (and better method) to this set up is to use the
sudo program. This offers superior security and will allow you to
set things up so that any (authorised) user can activate/deactivate the
link using the scripts. Using
sudo will allow an authorised user to
activate/deactivate the PPP link cleanly and securely.