Date: Thu, 30 Aug 2001 12:39:48 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Rob Simmons <rsimmons@wlcg.com> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd Message-ID: <20010830123948.A23605@xor.obsecurity.org> In-Reply-To: <20010830153246.K69164-100000@mail.wlcg.com>; from rsimmons@wlcg.com on Thu, Aug 30, 2001 at 03:33:54PM -0400 References: <200108301915.f7UJFv735421@freefall.freebsd.org> <20010830153246.K69164-100000@mail.wlcg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Aug 30, 2001 at 03:33:54PM -0400, Rob Simmons wrote: > I'm assuming that running lpd with -p to prevent it from opening a port is > also safe? I didn't see that mentioned in the advisory. It would probably make it safe from being *remotely* exploited. Local users who can submit jobs can still do it. Kris --SLDf9lqlvOQaIe6s Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7jpaDWry0BWjoQKURAsSGAJ9hBHJeL5F5KfBqtgCo5A/PUiv4FwCeL5pu ohRW54SDcqu4XCRLgBzF7d4= =0MCz -----END PGP SIGNATURE----- --SLDf9lqlvOQaIe6s-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010830123948.A23605>