Re: Strange change to the DSA-222 web page

To: debian-www@lists.debian.org
Subject: Re: Strange change to the DSA-222 web page
From: Josip Rodin <joy@gkvk.hr>
Date: Thu, 9 Jan 2003 14:27:24 +0100
Message-id: <[🔎] 20030109132724.GD27176@cibalia.gkvk.hr>
In-reply-to: <[🔎] 20030109111822.GA5326@asgard.pte.at>
References: <[🔎] Pine.LNX.4.43.0301091205420.11217-100000@perkele> <[🔎] 20030109111822.GA5326@asgard.pte.at>

On Thu, Jan 09, 2003 at 12:18:23PM +0100, Gerfried Fuchs wrote:
> > What's the rationale for this change?
> > 
> > -target user.  This can lead to gaining privileged access to the 'lp'
> > +target user.  This can lead to gaining unprivileged access to the 'lp'
> > 
> > If I only can gain unprivileged access, there's no security hole, right?
> 
>  Uh, you gain unprivileged access _to the lp account_ but are not
> privileged to gain it.  If you would gain privileged access to an
> account there shouldn't be any harm, should it :)
> 
>  Or am I thinking in the wrong direction?

"This can lead to gaining unauthorized access to the 'lp'"

-- 
     2. That which causes joy or happiness.

Reply to:

Follow-Ups:
- Re: Strange change to the DSA-222 web page
  - From: Andrew Shugg <andrew@neep.com.au>

References:
- Strange change to the DSA-222 web page
  - From: Peter Karlsson <peter@softwolves.pp.se>
- Re: Strange change to the DSA-222 web page
  - From: Gerfried Fuchs <alfie@ist.org>

Prev by Date: Re: automatically-generated ISO-8859-1 characters in mulbibyte webpages
Next by Date: Re: out-of-date symbolic link at http://us.cdimage.debian.org/jigdo-area/
Previous by thread: Re: Strange change to the DSA-222 web page
Next by thread: Re: Strange change to the DSA-222 web page
Index(es):
- Date
- Thread