Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd

From: Kris Kennaway (kris@obsecurity.org)
Date: 08/30/01


Date: Thu, 30 Aug 2001 12:39:48 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Rob Simmons <rsimmons@wlcg.com>


On Thu, Aug 30, 2001 at 03:33:54PM -0400, Rob Simmons wrote:
> I'm assuming that running lpd with -p to prevent it from opening a port is
> also safe? I didn't see that mentioned in the advisory.

It would probably make it safe from being *remotely* exploited. Local
users who can submit jobs can still do it.

Kris



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message