[PATCH] Re: lpd security questions
At 4:19 PM +0000 2/22/02, kevin lyda wrote:
>On Fri, Feb 22, 2002 at 10:06:47AM +0100, Ragnar Beer wrote:
> > So at the moment I'm thinking about leaving lpd running. But even
> > if I don't have any entries in /etc/hosts.equiv and /etc/hosts.lpd
> > having lpd listen on port 515 can still be a risk, can't it?
>
>yep. you could firewall off the port but here's a patch to add a -u
>flag to lpd which forces it to only open the unix socket. i haven't
>run it, but it compiled ;^) . this diff is against the 3.0 sources
>(which match -current at the moment).
Note that both netbsd and freebsd have an option which implements
this behavior. netbsd calls it '-s', freebsd calls it '-p'. The
'-s' was chosen to (somewhat) match '-s' in syslogd:
    -s      Operate in secure mode. Do not log messages from remote machines.
(that's part of freebsd's description of -s in syslogd). I forget
why -p was chosen for freebsd, though it was something which made
sense at the time... I think we got two PR's at about the same
time, and we happened to go with the one which suggested '-p'.
If you're going to add this, it would be nice to add it as '-s'
and not '-u'. I do intend to add '-s' as a synonym for '-p' in
freebsd's lpd, and in fact I meant to add it after 4.4-release,
but forgot to get back to that.
> would more people want this - where would i submit it?
Note that I work on lpr in freebsd, not openbsd, so I can't
answer this question... :-) I wouldn't mind working on it for
openbsd too, but realistically I'm not active enough with openbsd
to volunteer to help out in that area.
--
Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu
Senior Systems Programmer or gad@freebsd.org
Rensselaer Polytechnic Institute or drosih@rpi.edu
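The flag discussed above (kevin's proposed '-u', netbsd's '-s', freebsd's '-p') comes down to one decision in the daemon's startup: open the local Unix-domain socket unconditionally, and open the TCP listener only when the flag is off. The following is an added example written for this page; it is not the lpd sources and not the patch from the thread. The names `struct listeners`, `open_listeners`, `listens_on_network`, `close_listeners` and the socket path `/tmp/lpd-example.sock` are hypothetical, and the TCP listener binds port 0 (kernel-chosen) instead of 515 so the demo never collides with a real spooler.

```c
/* Added example, not the lpd sources or the patch from the thread. Models the
 * listener setup behind a local-only ("secure") flag: the Unix-domain socket
 * is always opened, the TCP listener only when the flag is off. Names and the
 * socket path are hypothetical; port 0 stands in for lpd's 515. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <netinet/in.h>

struct listeners {
    int unix_fd;   /* local Unix-domain socket, always opened */
    int inet_fd;   /* TCP socket; stays -1 in secure mode */
};

/* Bind and listen on a Unix-domain socket at `path`; returns the fd or -1.
 * A stale socket file at `path` is removed first (a real daemon would verify
 * it is a leftover socket before unlinking). */
static int open_unix_listener(const char *path)
{
    struct sockaddr_un addr;
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&addr, 0, sizeof addr);
    addr.sun_family = AF_UNIX;
    if (strlen(path) >= sizeof addr.sun_path) { close(fd); return -1; }
    strcpy(addr.sun_path, path);
    unlink(path);
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(fd, 5) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Bind and listen on TCP `port` on every interface, the way lpd does for 515.
 * Port 0 lets the kernel choose a free port for the demo. */
static int open_inet_listener(unsigned short port)
{
    struct sockaddr_in sin;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&sin, 0, sizeof sin);
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_ANY);
    sin.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sin, sizeof sin) < 0 || listen(fd, 5) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* The single decision a -s style flag controls: in secure mode the TCP socket
 * is never created, so nothing is reachable from other hosts. */
struct listeners open_listeners(int secure_mode, const char *sock_path,
                                unsigned short port)
{
    struct listeners l = { -1, -1 };
    l.unix_fd = open_unix_listener(sock_path);
    if (!secure_mode)
        l.inet_fd = open_inet_listener(port);
    return l;
}

/* 1 if the daemon is reachable over the network, 0 if it is local-only. */
int listens_on_network(const struct listeners *l)
{
    return l->inet_fd >= 0;
}

/* Close both sockets and remove the socket file. */
void close_listeners(struct listeners *l, const char *sock_path)
{
    if (l->unix_fd >= 0) { close(l->unix_fd); l->unix_fd = -1; unlink(sock_path); }
    if (l->inet_fd >= 0) { close(l->inet_fd); l->inet_fd = -1; }
}

int main(int argc, char **argv)
{
    const char *path = "/tmp/lpd-example.sock";   /* constructed path */
    int secure = 0, opt;
    while ((opt = getopt(argc, argv, "s")) != -1)   /* -s: local-only */
        if (opt == 's') secure = 1;
    struct listeners l = open_listeners(secure, path, 0);
    printf("unix socket: %s, network listener: %s\n",
           l.unix_fd >= 0 ? "open" : "failed",
           listens_on_network(&l) ? "open (reachable remotely)" : "not opened");
    close_listeners(&l, path);
    return 0;
}
```

Run without arguments to see both sockets opened, and with `-s` to see only the Unix-domain socket; the check a sysadmin would make after restarting a spooler with such a flag is the same one `listens_on_network` encodes: confirm that no TCP listener on the service port exists, rather than relying on hosts.equiv/hosts.lpd being empty.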