From owner-freebsd-security Fri Oct 25 17:17:44 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA09043 for security-outgoing; Fri, 25 Oct 1996 17:17:44 -0700 (PDT) Received: from rover.village.org (rover.village.org [204.144.255.49]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id RAA09022 for ; Fri, 25 Oct 1996 17:17:34 -0700 (PDT) Received: from rover.village.org [127.0.0.1] by rover.village.org with esmtp (Exim 0.56 #1) id E0vGwQt-0002j6-00; Fri, 25 Oct 1996 18:16:59 -0600 To: Marc Slemko Subject: Re: Vadim Kolontsov: BoS: Linux & BSD's lpr exploit Cc: security@freebsd.org In-reply-to: Your message of "Fri, 25 Oct 1996 18:03:19 MDT." References: Date: Fri, 25 Oct 1996 18:16:59 -0600 From: Warner Losh Message-Id: Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In message Marc Slemko writes: : You can argue both ways, but I really don't think it matters too much. I : do, however, really thinks that the idea logging things like this should : be pursued; either someone is trying to breakin, which is bad, or someone : is really trying to do something odd, in which case it would be nice to : know why it wasn't working as it should. I was thinking that too. There are a lot of fixes in OpenBSD, and many of them are begging for a syslog to alert the system admin that you might be under attack. : I would also suggest that perhaps it is even worth scrapping lpr entirely. : There are numerous other security changes in the OpenBSD source tree, and : even then I would bet there are still other problems with the code. Yes. There are a boatload. And a bunch more just went in today. Many of them are very defensive programming, and seem to be somewhat sane. I'm not sure how many of them should have some kind of warning generated when they are triggered. It all depends on how paranoid you are :-). I don't have a good answer for that. At the very least OpenBSD will be much less likely to be breached, which is likely the most important thing. Warner