Date: Sun, 16 Jul 2000 20:15:05 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Christopher Masto <chris@netmonger.net> Cc: Garance A Drosihn <drosih@rpi.edu>, "Louis A. Mamakos" <louie@TransSys.COM>, Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, current@FreeBSD.ORG Subject: Re: Request for comments: new `lpd' suite feature Message-ID: <200007170015.UAA00415@khavrinen.lcs.mit.edu> In-Reply-To: <20000716164658.A25557@netmonger.net> References: <200007142139.RAA88779@khavrinen.lcs.mit.edu> <v0421010db59547b0a7e1@[128.113.24.47]> <200007150409.AAA32685@whizzo.transsys.com> <v04210113b597aec12e89@[128.113.24.47]> <20000716164658.A25557@netmonger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Sun, 16 Jul 2000 16:46:58 -0400, Christopher Masto <chris@netmonger.net> said: > Huh? Security through ignorance? Remember that `lpr' is setuid-root and uses a ``privileged'' port for its communications. Many sites may still be using trusted-host ``authentication'' internally, and LPRng's ``feature'' may enable a compromise of some such service. (Got enough scare quotes there?) -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007170015.UAA00415>