Re: Strange change to the DSA-222 web page

To: Debian www <debian-www@lists.debian.org>
Subject: Re: Strange change to the DSA-222 web page
From: Peter Karlsson <peter@softwolves.pp.se>
Date: Sun, 12 Jan 2003 10:08:08 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.43.0301121006280.14955-100000@perkele>
In-reply-to: <[🔎] 20030109111822.GA5326@asgard.pte.at>

Gerfried Fuchs:

>  Uh, you gain unprivileged access _to the lp account_ but are not
> privileged to gain it.

But gaining unprivileged access (i.e access that cannot do anything) is
not a security hole. It's the gaining of privileged access (for example
to lp, which has access to the printer spool) that's dangerous. Of
course you yourself are unprivileged, that's the whole idea behind
those security holes, to elevate your privileges illegitemately.

-- 
\\//
Peter - http://www.softwolves.pp.se/
  I do not read or respond to mail with HTML attachments.

Reply to:

References:
- Re: Strange change to the DSA-222 web page
  - From: Gerfried Fuchs <alfie@ist.org>

Prev by Date: Re: search.debian.org is online
Next by Date: UNIVERSIDAD EN LINEA
Previous by thread: Re: Strange change to the DSA-222 web page
Next by thread: webwml/english/mirror/Mirrors.masterlist
Index(es):
- Date
- Thread