From owner-freebsd-hackers Mon May 8 8:17:54 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from resnet.uoregon.edu (resnet.uoregon.edu [128.223.144.32]) by hub.freebsd.org (Postfix) with ESMTP id 55C1037B7D5 for ; Mon, 8 May 2000 08:17:50 -0700 (PDT) (envelope-from dwhite@resnet.uoregon.edu) Received: from localhost (dwhite@localhost) by resnet.uoregon.edu (8.9.3/8.9.3) with ESMTP id IAA76676; Mon, 8 May 2000 08:16:34 -0700 (PDT) (envelope-from dwhite@resnet.uoregon.edu) Date: Mon, 8 May 2000 08:16:34 -0700 (PDT) From: Doug White To: Konrad Heuer Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Connect to lpd on insecure port In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 8 May 2000, Konrad Heuer wrote: > > Today I did some testing concerning lpd and I was very astonished to see > that lpd accepts jobs also from insecure ports (violating RFC 1179). It > does not accept such jobs on 2.1.6-RELEASE (yes, I still have some old 386 > system out there with 2.1.6) but it does on 3.x (and as far as I've seen > from the code) and 4.x and also on 2.2.6. > Why and when has the behaviour of lpd been changed? I'd like lpd only to > accept connections from secure ports (do you remember the famous error > message `Malformed from address'? ;-) ) I think that particular message is why the change came about. Also pure usability -- it's awfully hard to submit a job from a priviledged port as a user, and I don't want to submit jobs as root. If you don't like it, that's what ipfw is for. :) Doug White | FreeBSD: The Power to Serve dwhite@resnet.uoregon.edu | www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message