Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd
From: Brooks Davis (brooks@one-eyed-alien.net)
Date: 08/31/01
- Next message: Kris Kennaway: "Re: Security update packages don't recognized patched 4.3-RELEASE"
- Previous message: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- In reply to: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- Next in thread: Garance A Drosihn: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 30 Aug 2001 18:50:45 -0700 From: Brooks Davis <brooks@one-eyed-alien.net> To: Kris Kennaway <kris@obsecurity.org>
On Thu, Aug 30, 2001 at 06:45:33PM -0700, Kris Kennaway wrote:
> On Thu, Aug 30, 2001 at 05:57:59PM -0400, Garance A Drosihn wrote:
>
> > [actually, I almost think that lpd should default to "secure" operation,
> > and require someone to specify some startup flag if they DO want to
> > accept remote print jobs, but that is probably too dramatic of a change.
> > I also don't know how these flags would interact with the popular
> > alternatives to the standard lpr/lpd, such as lprNG...]
>
> I think that would be a reasonable thing to do at least in 5.0.
I agree, maybe what we should do is change lpd_flags to -p or -s or what
ever for 4.5-RELEASE (it's too late for 4.4 IMO). That would be better
for over all security, but wouldn't change lpd's options, just what we
pass to it by default. Then for 5.0 we fix lpd to have the sane default
and require a new flag to bind a port.
-- Brooks
-- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Kris Kennaway: "Re: Security update packages don't recognized patched 4.3-RELEASE"
- Previous message: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- In reply to: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- Next in thread: Garance A Drosihn: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|