Date: Thu, 30 Aug 2001 12:39:48 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Rob Simmons <rsimmons@wlcg.com> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd Message-ID: <20010830123948.A23605@xor.obsecurity.org> In-Reply-To: <20010830153246.K69164-100000@mail.wlcg.com>; from rsimmons@wlcg.com on Thu, Aug 30, 2001 at 03:33:54PM -0400 References: <200108301915.f7UJFv735421@freefall.freebsd.org> <20010830153246.K69164-100000@mail.wlcg.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Thu, Aug 30, 2001 at 03:33:54PM -0400, Rob Simmons wrote: > I'm assuming that running lpd with -p to prevent it from opening a port is > also safe? I didn't see that mentioned in the advisory. It would probably make it safe from being *remotely* exploited. Local users who can submit jobs can still do it. Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7jpaDWry0BWjoQKURAsSGAJ9hBHJeL5F5KfBqtgCo5A/PUiv4FwCeL5pu ohRW54SDcqu4XCRLgBzF7d4= =0MCz -----END PGP SIGNATURE-----help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010830123948.A23605>