pppd: do not rely on have_route_to(0) during auth.

pppd/auth.c

@@ -1358,7 +1358,7 @@ auth_check_options(void)
      * If we have a default route, require the peer to authenticate
      * unless the noauth option was given or the real user is root.
      */
-    if (!auth_required && !allow_any_ip && have_route_to(0) && !privileged) {
+    if (!auth_required && !allow_any_ip && !privileged) {
 	auth_required = 1;
 	default_auth = 1;
     }

pppd/pppd.8

@@ -74,11 +74,11 @@ so pppd will ask the peer not to escape any control characters.
 To escape transmitted characters, use the \fIescape\fR option.
 .TP
 .B auth
-Require the peer to authenticate itself before allowing network
-packets to be sent or received.  This option is the default if the
-system has a default route.  If neither this option nor the
-\fInoauth\fR option is specified, pppd will only allow the peer to use
-IP addresses to which the system does not already have a route.
+Require the peer to authenticate itself before allowing network packets to be
+sent or received.  For security reasons this option is the default if pppd is
+executed as a non-privileged user.  If neither this option nor the \fInoauth\fR
+option is specified, pppd will only allow the peer to use IP addresses to which
+the system does not already have a route.
 .TP
 .B call \fIname
 Read additional options from the file /etc/ppp/peers/\fIname\fR.  This