On Mon, 05 Jul 2004 21:56:14 -0500 Reid Priedhorsky <[EMAIL PROTECTED]> wrote:
> Hello all, > > I have just discovered that the Mozilla and Firefox old-style printing > option "PostScript/default" is gone. Apparently we are now supposed to use > the Xprint printing stuff; unfortunately, Xprint is broken for me in at > least two ways. Now I can't print. What! The PostScript/default printing was pretty bad but I'm a little surprised they dumped it entirely as it would require additional setup to get xprint running. Are you sure? > Justification, as far as I can tell, for removing the old stuff was for > two reasons: > > 1. It was broken for some people. > > Fine, but Xprint is broken for me and now I can't print. I don't think > it's appropriate to remove a feature until its replacement is stable and > useable by everyone who could use the old feature. What's the symptom? > 2. It had security problems. > > This brings me to my question: Does anyone have any solid references on > these security problems? Googling and searching the bug database only > yielded a vague claim about a remote exploit (bug #247585). Well X in general has exploits and if you run a *dm session manager it's running as root. So if you're running Xprint you're running X so an exploit in Xprint is somewhat redundant. The bottom line is you cannot run X exposed to hostile networks. Mike -- Greedo shoots first? Not in my Star Wars. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
