Re: Mozilla/Firefox "PostScript/default" security problems

To: debian-user@lists.debian.org
Subject: Re: Mozilla/Firefox "PostScript/default" security problems
From: Reid Priedhorsky <reid@reidster.net>
Date: Tue, 06 Jul 2004 15:43:47 -0500
Message-id: <[🔎] pan.2004.07.06.20.43.47.626981@reidster.net>
References: <[🔎] pan.2004.07.06.02.56.13.995099@reidster.net> <[🔎] 20040706033254.17f7f264.mba2000@ioplex.com>

On Tue, 06 Jul 2004 09:40:12 +0200, Michael B Allen wrote:
>
> Reid Priedhorsky <reid@reidster.net> wrote:
> > 
> > 2. It had security problems.
> > 
> > This brings me to my question: Does anyone have any solid references
> > on these security problems? Googling and searching the bug database
> > only yielded a vague claim about a remote exploit (bug #247585).
> 
> Well X in general has exploits and if you run a *dm session manager it's
> running as root. So if you're running Xprint you're running X so an
> exploit in Xprint is somewhat redundant. The bottom line is you cannot
> run X exposed to hostile networks.

Hm, I suppose I was unclear. It was the "PostScript/default" printing
option, the one that was removed, not Xprint, that supposedly has security
issues. I'm trying to solidify these claims.

Reid

Reply to:

References:
- Mozilla/Firefox "PostScript/default" security problems
  - From: Reid Priedhorsky <reid@reidster.net>
- Re: Mozilla/Firefox "PostScript/default" security problems
  - From: Michael B Allen <mba2000@ioplex.com>

Prev by Date: problem upgrading postfix
Next by Date: Re: Using Linux on a Family PC
Previous by thread: Re: Mozilla/Firefox "PostScript/default" security problems
Next by thread: Re: Mozilla/Firefox "PostScript/default" security problems
Index(es):
- Date
- Thread