diff options
| author | Jörg Frings-Fürst <debian@jff.email> | 2024-03-03 09:55:03 +0100 |
|---|---|---|
| committer | Jörg Frings-Fürst <debian@jff.email> | 2024-03-03 09:55:03 +0100 |
| commit | 23c348d62ab9f0a902189c70921310a5f856852c (patch) | |
| tree | 08c40dc8b180b31f504945e8da3e3ea3950e4145 /PROBLEMS | |
| parent | 2938695ca4c9bca7834817465662e31570f6d32f (diff) | |
| parent | 44916ca6d75e0b5f258a098a50d659f31c6625fd (diff) | |
Update upstream source from tag 'upstream/1.3.0'
Update to upstream version '1.3.0'
with Debian dir ab14a3d39c8a7f8e08536efd939bb78110db77f3
Diffstat (limited to 'PROBLEMS')
| -rw-r--r-- | PROBLEMS | 14 |
1 files changed, 7 insertions, 7 deletions
@@ -1,5 +1,3 @@ -Last update: 2006-01-05 - - Avoiding damage on flatbed scanners Most flatbed scanners have no protection against exceeding the physical scan @@ -15,8 +13,10 @@ Last update: 2006-01-05 - Security problems with saned (SANE network scanning daemon) - saned is not intended to be exposed to the internet or other non-trusted - networks. Make sure that access is limited by tcpwrappers and/or a firewall - setup. Don't depend only on saned's own authentication. Don't run saned - as root if it's not necessary. And do not install saned as setuid root. - Read man saned(8) for details. + saned does not provide confidentiality when communicating with clients. + If saned is exposed directly on the network, other users may be able to + intercept scanned images, or learn passwords for connecting to saned, + with little effort. Client systems should connect to saned through a + secure tunnel to the server instead. + + saned is not a trusted program and should not run with root privileges. |