diff options
author | Jörg Frings-Fürst <debian@jff.email> | 2024-06-30 15:46:39 +0200 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff.email> | 2024-06-30 15:46:39 +0200 |
commit | 73365252941d4053dca0e7fa06f4c205194cf1b8 (patch) | |
tree | 3eff4566f12e48cfee6b35955d262e46ee5a5da1 /PROBLEMS | |
parent | 52c7d661296d9efb9a51b52c38dda22516cf981a (diff) | |
parent | 3c9b873509b5c2278d4e345bf86a22c1ff26f3c0 (diff) |
Merge branch 'release/debian/1.3.0-1'debian/1.3.0-1
Diffstat (limited to 'PROBLEMS')
-rw-r--r-- | PROBLEMS | 14 |
1 files changed, 7 insertions, 7 deletions
@@ -1,5 +1,3 @@ -Last update: 2006-01-05 - - Avoiding damage on flatbed scanners Most flatbed scanners have no protection against exceeding the physical scan @@ -15,8 +13,10 @@ Last update: 2006-01-05 - Security problems with saned (SANE network scanning daemon) - saned is not intended to be exposed to the internet or other non-trusted - networks. Make sure that access is limited by tcpwrappers and/or a firewall - setup. Don't depend only on saned's own authentication. Don't run saned - as root if it's not necessary. And do not install saned as setuid root. - Read man saned(8) for details. + saned does not provide confidentiality when communicating with clients. + If saned is exposed directly on the network, other users may be able to + intercept scanned images, or learn passwords for connecting to saned, + with little effort. Client systems should connect to saned through a + secure tunnel to the server instead. + + saned is not a trusted program and should not run with root privileges. |