Date: Tue, 17 Nov 1998 13:18:27 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Garance A Drosihn <drosih@rpi.edu> Cc: Matthew Dillon <dillon@apollo.backplane.com>, freebsd-security@FreeBSD.ORG Subject: Re: making 'lpd' under FreeBSD more secure Message-ID: <199811171818.NAA26453@khavrinen.lcs.mit.edu> In-Reply-To: <v0401170db2775dfbe1a1@[128.113.24.47]> References: <199811162114.PAA06569@s07.sa.fedex.com> <199811170527.VAA23429@apollo.backplane.com> <v0401170db2775dfbe1a1@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Tue, 17 Nov 1998 12:29:17 -0500, Garance A Drosihn <drosih@rpi.edu> said: > I think lpd needs root access for more than just binding to the > port, although I haven't looked at the code yet to remember why > I think that... Still, someone recently went thru the other I was working on a rewrite of lpd at the beginning of the year which unfortunately got stalled. It's possible to have an lpd which runs unprivileged if you give up on hosts.lpd ``authentication'' and are willing to abandon a few other features. Much more useful, in my view, would be work to make lpr run unprivileged -- which is fairly easy to do, conceptually, but hard in practice. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811171818.NAA26453>