Merge branch 'release/debian/1.3.0-1'debian/1.3.0-1

author: Jörg Frings-Fürst <debian@jff.email> 2024-06-30 15:46:39 +0200
committer: Jörg Frings-Fürst <debian@jff.email> 2024-06-30 15:46:39 +0200
commit: 73365252941d4053dca0e7fa06f4c205194cf1b8 (patch)
tree: 3eff4566f12e48cfee6b35955d262e46ee5a5da1 /PROBLEMS
parent: 52c7d661296d9efb9a51b52c38dda22516cf981a (diff)
parent: 3c9b873509b5c2278d4e345bf86a22c1ff26f3c0 (diff)
1 files changed, 7 insertions, 7 deletions
diff --git a/PROBLEMS b/PROBLEMS
index 62466c1..22369b8 100644
--- a/PROBLEMS
+++ b/PROBLEMS
@@ -1,5 +1,3 @@
-Last update: 2006-01-05
-
 - Avoiding damage on flatbed scanners
 
   Most flatbed scanners have no protection against exceeding the physical scan
@@ -15,8 +13,10 @@ Last update: 2006-01-05
 
 - Security problems with saned (SANE network scanning daemon)
 
-  saned is not intended to be exposed to the internet or other non-trusted
-  networks.  Make sure that access is limited by tcpwrappers and/or a firewall
-  setup. Don't depend only on saned's own authentication.  Don't run saned
-  as root if it's not necessary. And do not install saned as setuid root.
-  Read man saned(8) for details.
+  saned does not provide confidentiality when communicating with clients.
+  If saned is exposed directly on the network, other users may be able to
+  intercept scanned images, or learn passwords for connecting to saned,
+  with little effort.  Client systems should connect to saned through a
+  secure tunnel to the server instead.
+
+  saned is not a trusted program and should not run with root privileges.
author	Jörg Frings-Fürst <debian@jff.email>	2024-06-30 15:46:39 +0200
committer	Jörg Frings-Fürst <debian@jff.email>	2024-06-30 15:46:39 +0200
commit	73365252941d4053dca0e7fa06f4c205194cf1b8 (patch)
tree	3eff4566f12e48cfee6b35955d262e46ee5a5da1 /PROBLEMS
parent	52c7d661296d9efb9a51b52c38dda22516cf981a (diff)
parent	3c9b873509b5c2278d4e345bf86a22c1ff26f3c0 (diff)