Date: Fri, 25 Oct 1996 18:16:59 -0600 From: Warner Losh <imp@village.org> To: Marc Slemko <marcs@znep.com> Cc: security@freebsd.org Subject: Re: Vadim Kolontsov: BoS: Linux & BSD's lpr exploit Message-ID: <E0vGwQt-0002j6-00@rover.village.org> In-Reply-To: Your message of "Fri, 25 Oct 1996 18:03:19 MDT." <Pine.BSF.3.95.961025174911.27697E-100000@alive.ampr.ab.ca> References: <Pine.BSF.3.95.961025174911.27697E-100000@alive.ampr.ab.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.3.95.961025174911.27697E-100000@alive.ampr.ab.ca> Marc Slemko writes: : You can argue both ways, but I really don't think it matters too much. I : do, however, really thinks that the idea logging things like this should : be pursued; either someone is trying to breakin, which is bad, or someone : is really trying to do something odd, in which case it would be nice to : know why it wasn't working as it should. I was thinking that too. There are a lot of fixes in OpenBSD, and many of them are begging for a syslog to alert the system admin that you might be under attack. : I would also suggest that perhaps it is even worth scrapping lpr entirely. : There are numerous other security changes in the OpenBSD source tree, and : even then I would bet there are still other problems with the code. Yes. There are a boatload. And a bunch more just went in today. Many of them are very defensive programming, and seem to be somewhat sane. I'm not sure how many of them should have some kind of warning generated when they are triggered. It all depends on how paranoid you are :-). I don't have a good answer for that. At the very least OpenBSD will be much less likely to be breached, which is likely the most important thing. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vGwQt-0002j6-00>