On Fri, 9 Nov 2001, Robert Davies wrote:
jcm>> IMO, the most important point to make is that of privileges. If you
jcm>> carefully set these things up as a dedicated (non-root) user then
jcm>> there's a lot less damage these exploits can do :) <snip>
> True, but you do get into problems if you have set non-root uid programs,
> which need sometimes to be run by root (that's insecure).
Well obviously yes. Various attempts have been made to solve this, some
being:
* Dropping privs as often as possible
* Modularisation and separation of privs (has issues)
* Adding more features to the kernel (etc.) to allow for
  finer grained control of devices. On Linux for example,
  ethernet devices are not actually /dev devices with quite
  the degree of flexibility found elsewhere, there's a lot
  of things that could be done better... (e.g. M$ have
  almost reasonable ACLs and we don't really with most
  GNU/Linux setups - yet).
Still, give lpd credit, it's been around for a long time and is still
evolving (e.g. ppd definitions now) but at the end of the day perhaps the
newer systems will take over and do to lpd what exim (and others) did to
sendmail (though I still use sendmail on a couple of boxen).
--jcm
--------------------------------------------------------------------
http://www.lug.org.uk http://www.linuxportal.co.uk
http://www.linuxjob.co.uk http://www.linuxshop.co.uk
--------------------------------------------------------------------
This archive was generated by hypermail 2.1.3 : Thu 22 Nov 2001 - 13:19:34 GMT