Security issue? Daemon users has to much rights...

Greetings, because of the recent xpdf issues I tested the access restrictions of some users like lp, mail, etc. with default settings in sarge. I noticed that, by default, no acl were used to prevent access to vital system commands, the user shouldn't have. For instance: lp could mount a vfat

Re: Security issue? Daemon users has to much rights...

On 22 Oct 2004, Jan Lhr wrote: because of the recent xpdf issues I tested the access restrictions of some users like lp, mail, etc. with default settings in sarge. I noticed that, by default, no acl were used to prevent access to vital system commands, the user shouldn't have. For instance:

Re: OT, spam tips.

Quoting tomasz abramowicz [EMAIL PROTECTED]: sorry about the off topic, but maybe you guys at debian can fix what my internet provider is talking about? No problem, spam is always interesting to look at (well, at least for me ;). But when I see that they use SBL/XBL yet they still pass on

Your Profile

R e finance before Election when the r a tes will rise! It is your last chance http://www.nokhika.com/ You are already approv e d with 3.0 point Thank you. Heath L. Pace --- Nwasteland I duffy bakery. skyhook it a are spatial are itinerary not Ybundy us with gum. plaintiff veto

Re: Security issue? Daemon users has to much rights...

Greetings, Am Freitag, 22. Oktober 2004 14:02 schrieb Daniel Pittman: On 22 Oct 2004, Jan Lhr wrote: because of the recent xpdf issues I tested the access restrictions of some users like lp, mail, etc. with default settings in sarge. I noticed that, by default, no acl were used to prevent

警告！ウイルスチェックサービス

== (BVIRUS GUARD and CHECK SERVICE for E-Mail Powerd by SYMANTEC Scan Engine. (B $B$"$J$?$,Aw$C$?%a!<%k$K%&%#%k%9$rH/8+$7$^$7$?!#(B $B8!CN$5$l$?%&[EMAIL PROTECTED];_$N0Y!"%a!<%k$r:o=|CW$7$^$7$?!#(B

Re: Security issue? Daemon users has to much rights...

On Fri, Oct 22, 2004 at 11:13:55PM +0200, Jan Lühr wrote: Of course, providing security on that level is not the best way to ensure the system's integrity and safety. But why do you think, that security on filesystem level is doomed to failure if it's part of a security concept? Because you

Re: Security issue? Daemon users has to much rights...

On 23 Oct 2004, Jan Lhr wrote: Am Freitag, 22. Oktober 2004 14:02 schrieb Daniel Pittman: On 22 Oct 2004, Jan Lhr wrote: because of the recent xpdf issues I tested the access restrictions of some users like lp, mail, etc. with default settings in sarge. I noticed that, by default, no acl were