diff options
| author | Jörg Frings-Fürst <debian@jff.email> | 2024-03-03 09:54:51 +0100 |
|---|---|---|
| committer | Jörg Frings-Fürst <debian@jff.email> | 2024-03-03 09:54:51 +0100 |
| commit | 44916ca6d75e0b5f258a098a50d659f31c6625fd (patch) | |
| tree | 2e51a12ae43b3def9e55d3f2c9ca60d2032ad45c /PROBLEMS | |
| parent | 84357741a6a6e6430f199b2c3f7498e0e97da9ad (diff) | |
New upstream version 1.3.0upstream/1.3.0
Diffstat (limited to 'PROBLEMS')
| -rw-r--r-- | PROBLEMS | 14 |
1 files changed, 7 insertions, 7 deletions
@@ -1,5 +1,3 @@ -Last update: 2006-01-05 - - Avoiding damage on flatbed scanners Most flatbed scanners have no protection against exceeding the physical scan @@ -15,8 +13,10 @@ Last update: 2006-01-05 - Security problems with saned (SANE network scanning daemon) - saned is not intended to be exposed to the internet or other non-trusted - networks. Make sure that access is limited by tcpwrappers and/or a firewall - setup. Don't depend only on saned's own authentication. Don't run saned - as root if it's not necessary. And do not install saned as setuid root. - Read man saned(8) for details. + saned does not provide confidentiality when communicating with clients. + If saned is exposed directly on the network, other users may be able to + intercept scanned images, or learn passwords for connecting to saned, + with little effort. Client systems should connect to saned through a + secure tunnel to the server instead. + + saned is not a trusted program and should not run with root privileges. |