Today I did some testing concerning lpd and I was very astonished to see
that lpd accepts jobs also from insecure ports (violating RFC 1179). It
does not accept such jobs on 2.1.6-RELEASE (yes, I still have some old 386
system out there with 2.1.6) but it does on 3.x (and as far as I've seen
from the code) and 4.x and also on 2.2.6.
Why and when has the behaviour of lpd been changed? I'd like lpd only to
accept connections from secure ports (do you remember the famous error
message `Malformed from address'? ;-) )
Thanks for any reply!
Konrad Heuer Personal Bookmarks:
Gesellschaft für wissenschaftliche
Datenverarbeitung mbH GÖttingen http://www.freebsd.org
Am Faßberg, D-37077 GÖttingen http://www.daemonnews.org
Deutschland (Germany)
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
