New upstream version 1.3.0upstream/1.3.0 upstream

author: Jörg Frings-Fürst <debian@jff.email> 2024-03-03 09:54:51 +0100
committer: Jörg Frings-Fürst <debian@jff.email> 2024-03-03 09:54:51 +0100
commit: 44916ca6d75e0b5f258a098a50d659f31c6625fd (patch)
tree: 2e51a12ae43b3def9e55d3f2c9ca60d2032ad45c /PROBLEMS
parent: 84357741a6a6e6430f199b2c3f7498e0e97da9ad (diff)
1 files changed, 7 insertions, 7 deletions
diff --git a/PROBLEMS b/PROBLEMS
index 62466c1..22369b8 100644
--- a/PROBLEMS
+++ b/PROBLEMS
@@ -1,5 +1,3 @@
-Last update: 2006-01-05
-
 - Avoiding damage on flatbed scanners
 
   Most flatbed scanners have no protection against exceeding the physical scan
@@ -15,8 +13,10 @@ Last update: 2006-01-05
 
 - Security problems with saned (SANE network scanning daemon)
 
-  saned is not intended to be exposed to the internet or other non-trusted
-  networks.  Make sure that access is limited by tcpwrappers and/or a firewall
-  setup. Don't depend only on saned's own authentication.  Don't run saned
-  as root if it's not necessary. And do not install saned as setuid root.
-  Read man saned(8) for details.
+  saned does not provide confidentiality when communicating with clients.
+  If saned is exposed directly on the network, other users may be able to
+  intercept scanned images, or learn passwords for connecting to saned,
+  with little effort.  Client systems should connect to saned through a
+  secure tunnel to the server instead.
+
+  saned is not a trusted program and should not run with root privileges.
author	Jörg Frings-Fürst <debian@jff.email>	2024-03-03 09:54:51 +0100
committer	Jörg Frings-Fürst <debian@jff.email>	2024-03-03 09:54:51 +0100
commit	44916ca6d75e0b5f258a098a50d659f31c6625fd (patch)
tree	2e51a12ae43b3def9e55d3f2c9ca60d2032ad45c /PROBLEMS
parent	84357741a6a6e6430f199b2c3f7498e0e97da9ad (diff)