Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd

From: Brooks Davis (brooks@one-eyed-alien.net)
Date: 08/30/01 

Date: Thu, 30 Aug 2001 14:23:40 -0700
From: Brooks Davis <brooks@one-eyed-alien.net>
To: Garance A Drosihn <drosih@rpi.edu>

On Thu, Aug 30, 2001 at 04:14:28PM -0400, Garance A Drosihn wrote:
> That would be a quick workaround to prevent any remote attacks.
> It of course means that you won't be accepting jobs from any remote
> hosts, even if they are listed in /etc/hosts.lpd .
>
> Note, however, that '-p' is fairly recent [July 2000], so this
> workaround would not be available to any older releases. I think
> that option first showed up in 4.1-RELEASE.

I'd been meaning to ask, is there any good reason not to make the default
lpd_flags value "-p", at least in 5.0? After all, most machines are
not print servers even if they do run lpd so they can print.

-- Brooks 

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message