[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-devel:12597] Re: (draft) [SECURITY] New version of canna released

From: Hiroshi KISE <fuyuneko@xxxxxxxxxxxx>
Subject: [debian-devel:12597] Re: (draft) [SECURITY] New version of canna released
Date: Mon, 3 Jul 2000 22:39:48 +0900
X-ml-info: If you have a question, send a mail with the body "# help" (without quotes) to the address debian-devel-ctl@debian.or.jp; help=<mailto:debian-devel-ctl@debian.or.jp?body=help>
X-ml-name: debian-devel
X-mlserver: fml [fml 2.2]; post only (only members can post)
References: <200005100400.NAA25791@xxxxxxxxxxxxx> <200007010404.NAA02250@xxxxxxxxxxxxxxxxxx>
Message-id: <887lb3l4d8.wl@xxxxxxxxxxxxxxx>
X-mail-count: 12597
User-agent: Wanderlust/1.1.1 (Purple Rain) EMIKO/1.13.9 (Euglena tripteris) FLIM/1.13.2 (Kasanui) APEL/10.2 MULE XEmacs/21.1 (patch 10) (Capitol Reef) (i386-debian-linux)

At Sat, 1 Jul 2000 13:04:31 +0900,
NOKUBI Takatsugu wrote:
>   という流れのようだったので、/etc/hosts.canna で接続を制限すれば制限
> された範囲からの攻撃は防ぐことができそうです。Debian の default は
> /etc/hosts.canna が存在しないので(BTS にも報告がある)危険な状態にある
> 人は結構な数がいるかもしれません。

root権限で動いている(よね)というのも問題かもしれません。rootである
必要がなければ、もっと弱い権限で動かしたほうがいいでしょう(wishlist
するかな)。

これ、cannaserverに限りません。
-- 
喜瀬“冬猫”浩＠南国沖縄

Follow-Ups:
- [debian-devel:12598] Re: (draft) [SECURITY] New version of canna released
  - From: ISHIKAWA Mutsumi

References:
- [debian-devel:12572] (draft) [SECURITY] New version of canna released
  - From: NOKUBI Takatsugu

Prev by Date: [debian-devel:12596] Re: (draft) [SECURITY] New version of cannareleased
Next by Date: [debian-devel:12598] Re: (draft) [SECURITY] New version of canna released
Previous by thread: [debian-devel:12596] Re: (draft) [SECURITY] New version of cannareleased
Next by thread: [debian-devel:12598] Re: (draft) [SECURITY] New version of canna released
Index(es):
- Date
- Thread