From owner-freebsd-current  Sun Jul 16 21:51:11 2000
Delivered-To: freebsd-current@freebsd.org
Received: from camus.cybercable.fr (camus.cybercable.fr [212.198.0.200])
	by hub.freebsd.org (Postfix) with SMTP id EB9F637BA6C
	for <current@FreeBSD.ORG>; Sun, 16 Jul 2000 21:50:37 -0700 (PDT)
	(envelope-from clefevre%no-spam@citeweb.net)
Received: (qmail 15401862 invoked from network); 17 Jul 2000 04:50:36 -0000
Received: from r224m65.cybercable.tm.fr (HELO gits.dyndns.org) ([195.132.224.65]) (envelope-sender <clefevre%no-spam@citeweb.net>)
          by camus.cybercable.fr (qmail-ldap-1.03) with SMTP
          for <wollman@khavrinen.lcs.mit.edu>; 17 Jul 2000 04:50:36 -0000
Received: (from root@localhost)
	by gits.dyndns.org (8.9.3/8.9.3) id GAA45817;
	Mon, 17 Jul 2000 06:50:32 +0200 (CEST)
	(envelope-from clefevre%no-spam@citeweb.net)
Posted-Date: Mon, 17 Jul 2000 06:50:32 +0200 (CEST)
To: Christopher Masto <chris@netmonger.net>
Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>,
	Garance A Drosihn <drosih@rpi.edu>,
	"Louis A. Mamakos" <louie@TransSys.COM>, current@FreeBSD.ORG
Subject: Re: Request for comments: new `lpd' suite feature
References: <200007142139.RAA88779@khavrinen.lcs.mit.edu>
	<v0421010db59547b0a7e1@[128.113.24.47]>
	<200007150409.AAA32685@whizzo.transsys.com>
	<v04210113b597aec12e89@[128.113.24.47]>
	<20000716164658.A25557@netmonger.net>
	<200007170015.UAA00415@khavrinen.lcs.mit.edu>
	<20000716223110.A11344@netmonger.net>
Reply-To: clefevre@citeweb.net
X-Face: V|+c;4!|B?E%BE^{E6);aI.[<<r#uCVjK"~Ke!@0vxS/.,wki/c|uVnNV!BA-_gY2sfoGc3
        f{#/$PT>97Zd*>^#%Y5Cxv;%Y[PT-LW3;A:fRrJ8+^k"e7@+30g0YD0*^^3jgyShN7o?a]C
        la*Zv'5NA,=963bM%J^o]C
From: Cyrille Lefevre <clefevre%no-spam@citeweb.net>
Date: 17 Jul 2000 06:50:31 +0200
In-Reply-To: Christopher Masto's message of "Sun, 16 Jul 2000 22:31:10 -0400"
Message-ID: <og3xxsvc.fsf@pc166.gits.fr>
Lines: 24
User-Agent: Gnus/5.0807 (Gnus v5.8.7) XEmacs/21.1 (Canyonlands)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Christopher Masto <chris@netmonger.net> writes:

> On Sun, Jul 16, 2000 at 08:15:05PM -0400, Garrett Wollman wrote:
> > <<On Sun, 16 Jul 2000 16:46:58 -0400, Christopher Masto <chris@netmonger.net> said:
> > 
> > > Huh?  Security through ignorance?
> > 
> > Remember that `lpr' is setuid-root and uses a ``privileged'' port for
> > its communications.  Many sites may still be using trusted-host
> > ``authentication'' internally, and LPRng's ``feature'' may enable a
> > compromise of some such service.  (Got enough scare quotes there?)
> 
> That is indeed something I failed to consider.  I suppose it would be
> necessary to have some control over that feature in some environments.
> I just find it incredibly convenient to be able to install LPRng on
> a bunch of client machines and just rm /etc/printcap, set $PRINTER,
> and be done with it.

as I remeber me, the same thing is possible under newer Solaris boxes.

Cyrille.
-- 
home:mailto:clefevre%no-spam@citeweb.net Supprimer "%no-spam" pour me repondre.
work:mailto:Cyrille.Lefevre%no-spam@edf.fr Remove "%no-spam" to answer me back.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message