Date: Sun, 16 Jul 2000 22:31:10 -0400 From: Christopher Masto <chris@netmonger.net> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: Garance A Drosihn <drosih@rpi.edu>, "Louis A. Mamakos" <louie@TransSys.COM>, current@FreeBSD.ORG Subject: Re: Request for comments: new `lpd' suite feature Message-ID: <20000716223110.A11344@netmonger.net> In-Reply-To: <200007170015.UAA00415@khavrinen.lcs.mit.edu>; from Garrett Wollman on Sun, Jul 16, 2000 at 08:15:05PM -0400 References: <200007142139.RAA88779@khavrinen.lcs.mit.edu> <v0421010db59547b0a7e1@[128.113.24.47]> <200007150409.AAA32685@whizzo.transsys.com> <v04210113b597aec12e89@[128.113.24.47]> <20000716164658.A25557@netmonger.net> <200007170015.UAA00415@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jul 16, 2000 at 08:15:05PM -0400, Garrett Wollman wrote: > <<On Sun, 16 Jul 2000 16:46:58 -0400, Christopher Masto <chris@netmonger.net> said: > > > Huh? Security through ignorance? > > Remember that `lpr' is setuid-root and uses a ``privileged'' port for > its communications. Many sites may still be using trusted-host > ``authentication'' internally, and LPRng's ``feature'' may enable a > compromise of some such service. (Got enough scare quotes there?) That is indeed something I failed to consider. I suppose it would be necessary to have some control over that feature in some environments. I just find it incredibly convenient to be able to install LPRng on a bunch of client machines and just rm /etc/printcap, set $PRINTER, and be done with it. -- Christopher Masto Senior Network Monkey NetMonger Communications chris@netmonger.net info@netmonger.net http://www.netmonger.net Free yourself, free your machine, free the daemon -- http://www.freebsd.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000716223110.A11344>