On Thursday 08 November 2001 22:32, you wrote:
> I stopped using lpr long ago 'coz of all the security 'sploits in it. There
> are better alternatives out there - CUPS for one.
And what makes you think CUPS doesn't have them to? The recent advisory was
a reminder of old previous vulnerabilities. If you look at the Changelog,
you'll see SuSE contributed quite a few security fixes, when they introduced
CUPS into the distro, from their testing. There are bound to be more in
there.
Quite often exchanging old for new software, which is less commonly used, and
checked by fewer ppl, means exchanging known (& patched) problems, for
unknown exploitable ones.
I basically agree about CUPS being an improvement, basically though because
of IPP support, and the ease of admin improvements. Just trying to avoid
complacency, and make the point, that CUPS needs a track record to prove more
secure than current lpd code.
Rob
--------------------------------------------------------------------
http://www.lug.org.uk http://www.linuxportal.co.uk
http://www.linuxjob.co.uk http://www.linuxshop.co.uk
--------------------------------------------------------------------
This archive was generated by hypermail 2.1.3 : Thu 22 Nov 2001 - 13:19:27 GMT