home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.sys.sgi
- Path: sparky!uunet!europa.asd.contel.com!darwin.sura.net!wupost!gumby!destroyer!ubc-cs!newsserver.sfu.ca!langer
- From: langer@monashee.sfu.ca (Steve Langer)
- Subject: Re: lp/lpr printer hacks
- Message-ID: <1992Jul29.220236.797@sfu.ca>
- Keywords: lp lpr
- Sender: news@sfu.ca
- Organization: Simon Fraser University, Burnaby, B.C., Canada
- References: <1992Jul29.174504.24633@sfu.ca> <dittrich.712439536@milton>
- Date: Wed, 29 Jul 1992 22:02:36 GMT
- Lines: 18
-
- In article <dittrich.712439536@milton> dittrich@milton.u.washington.edu (Dave Dittrich) writes:
- >langer@monashee.sfu.ca (Steve Langer) writes:
- >
- >> What I did is to create a dummy user, called "printer", who has /usr/bin/lp
- >>for a shell, and no password. (Please tell me if this is a horrible
- >>security risk!) Then I can print from a remote machine that doesn't have lp
- >>by running
- >
- >Yes it is. And what is more, you have now told everyone on the net that
- >your machine can be logged into! Fix it ASAP!
-
- Well, I didn't post from the machine involved, naturally. I also put a
- password on the account, which makes it require an .rhosts file. Is this
- still a problem? This method seemed much simpler than the various
- alternatives.
-
- -- Steve
-
-