|
|
CUPS and network security
Um, not a security hole the last I checked. TCP port 631 is never bound to the outside world. You can use netstat -ano to verify.
Just the local computer itself is bound. This is only a problem if you are giving shell accounts to users on your box and you don't trust them, but there is still a lot of other ways they can gather information about you.
Running a secure unix shell server, or a secure multiuser operating system of any type, is really an evolving challenge. Even OpenVMS has been hit with some security updates recently. But I wouldn't worry that much about this CUPS thing.
CUPS and network security
When I tested this with my (completely stock) 10.3 install on my desktop Mac, my laptop could see the desktop machine's CUPS page -- I could see a list of every job that I'd printed right there on my laptop.
Location directive
This may be something that has changed between Jaguar and Panther. My stock cupsd.conf file on Jaguar has the following:
I.e. there is no access from the local network.
This may also be one of the things that gets preserved if you do an "upgrade" install.
Location directive
Probably true -- all of my machines get clean installs on major dot upgrades. Much more of a pain in the butt, obviously, but generally worth it to make sure I see everything that a "new" install would get.
CUPS and network security
And just to clarify, I don't mean visible to the outside world. But it's clearly visible to the rest of the internal network ... and if that's a large segment at a university, that might be a cause for (very minor) concern. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.08 seconds |
|