Date: Thu, 30 Aug 2001 18:50:45 -0700
From: Brooks Davis
To: Kris Kennaway
Cc: Garance A Drosihn, freebsd-security@FreeBSD.ORG
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd
Message-ID: <20010830185045.A12765@Odin.AC.HMC.Edu>

On Thu, Aug 30, 2001 at 06:45:33PM -0700, Kris Kennaway wrote:
> On Thu, Aug 30, 2001 at 05:57:59PM -0400, Garance A Drosihn wrote:
>
> > [actually, I almost think that lpd should default to "secure" operation,
> > and require someone to specify some startup flag if they DO want to
> > accept remote print jobs, but that is probably too dramatic of a change.
> > I also don't know how these flags would interact with the popular
> > alternatives to the standard lpr/lpd, such as lprNG...]
>
> I think that would be a reasonable thing to do at least in 5.0.

I agree, maybe what we should do is change lpd_flags to -p or -s or
whatever for 4.5-RELEASE (it's too late for 4.4 IMO). That would be
better for overall security, but wouldn't change lpd's options, just
what we pass to it by default. Then for 5.0 we fix lpd to have the sane
default and require a new flag to bind a port.

-- Brooks

--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4