[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lpd security questions

To: OpenBSD misc <misc@openbsd.org>
Subject: lpd security questions
From: Ragnar Beer <rbeer@uni-goettingen.de>
Date: Fri, 22 Feb 2002 10:06:47 +0100

Howdy!

I'm trying to have as few ports open as possible. So whenever I need to
print I first start lpd, then print, and then kill lpd again. During the
last weeks this has become quite a task, because I have to print quite
often.

So at the moment I'm thinking about leaving lpd running. But even if I
don't have any entries in /etc/hosts.equiv and /etc/hosts.lpd having lpd
listen on port 515 can still be a risk, can't it?

Now I wonder if it is possible to have lpd running *without* opening port
515 (something like a '-nolisten tcp' option) or opening it on 127.0.0.1
only? In man lpd I saw that /var/run/printer is a socket for local
requests. So opening up a port seems not to be necessary (?). But the
manpage doesn't show a way how to configure lpd not to open up a port.

Ragnar

Follow-Ups:
- [PATCH] Re: lpd security questions
  - From: kevin lyda <kevin@suberic.net>
- Re: lpd security questions
  - From: Ben Goren <ben@trumpetpower.com>
- Re: lpd security questions
  - From: Dave Taira <bodhi@hagakure.org>

Prev by Date: Re: XFS from SGI and OpenBSD
Next by Date: Re: XFS from SGI and OpenBSD
Prev by thread: Re: pf documentation (tcpdump question)
Next by thread: [PATCH] Re: lpd security questions
Index(es):
- Date
- Thread