On Sat, 24 Jan 2004 00:11:50 +0100, Michael Zimmermann said: > Security critical networks should not share printers with > insecure nets - no physical connection should be there. > And a PostScript printer is a possible "tunnel" and > can even be "owned" - depending on it's hardware > + software situation. For that matter, if the printer has a disk, and a "printout" from the insecure net can get the system password, is it able to scavenge data from old jobs off the disk? Most modern multi-user operating systems manage to do this correctly, but there's still the occasional screw-up (how many times have we seen "Program XYZ embeds random data in files" exposures?)
Attachment:
pgp00053.pgp
Description: PGP signature