Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd

From: Brooks Davis (brooks@one-eyed-alien.net)
Date: 08/31/01

• Next message: Kris Kennaway: "Re: Security update packages don't recognized patched 4.3-RELEASE"
• Previous message: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
• In reply to: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
• Next in thread: Garance A Drosihn: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 30 Aug 2001 18:50:45 -0700
From: Brooks Davis <brooks@one-eyed-alien.net>
To: Kris Kennaway <kris@obsecurity.org>

On Thu, Aug 30, 2001 at 06:45:33PM -0700, Kris Kennaway wrote:
> On Thu, Aug 30, 2001 at 05:57:59PM -0400, Garance A Drosihn wrote:
>
> > [actually, I almost think that lpd should default to "secure" operation,
> > and require someone to specify some startup flag if they DO want to
> > accept remote print jobs, but that is probably too dramatic of a change.
> > I also don't know how these flags would interact with the popular
> > alternatives to the standard lpr/lpd, such as lprNG...]
>
> I think that would be a reasonable thing to do at least in 5.0.

I agree, maybe what we should do is change lpd_flags to -p or -s or what
ever for 4.5-RELEASE (it's too late for 4.4 IMO). That would be better
for over all security, but wouldn't change lpd's options, just what we
pass to it by default. Then for 5.0 we fix lpd to have the sane default
and require a new flag to bind a port.

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• application/pgp-signature attachment: stored

• Next message: Kris Kennaway: "Re: Security update packages don't recognized patched 4.3-RELEASE"
• Previous message: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
• In reply to: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
• Next in thread: Garance A Drosihn: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Letting a user select a color for a control ... CC_FULLOPEN flag instead of the CC_SOLIDCOLOR flag in order to do this. ... is there any way to specify where on the screen the Color Dialog ... > specify an initial color selection. ... >> something before calling aDialogColor. ... (microsoft.public.access.modulesdaovba) Re: Problem with fopen, linux, and RS-232, possibly ... Are those pins you specified the DCD signal? ... you may want the O_NOCTTY flag to be present. ... Try writing the program using openinstead, and specify the exact ... may be unaware of its "readiness", then any opencall may not block. ... (comp.lang.c) Re: date from yesterday ... | | versions of date that uses the -v flag. ... | | adjust units, but without the -/+ preceding the unit it gives the ... Users in countries that didn't switch from the Julian ... Fully functional demos available by email request (specify OS). ... (comp.unix.sco.misc) Re: how to import two .tlb uses same interface? ... Unless you specify no_namespace flag on #import directive, ... interfaces will be in different namespaces. ... (microsoft.public.vc.atl) Re: Questions of CreateFile and WriteFile ... CreateFile(fileName, FLAG, ... > How to specify the position in a file for writing in Win32? ... SetFilePointeror SetEndOfFile. ... > ..., or disk files." ... (microsoft.public.vc.language)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint