Date: Sun, 16 Aug 1998 16:44:57 +0200 (CEST)
From: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
To: kaj@interbizz.se (Rasmus Kaj)
Cc: andre.albsmeier@mchp.siemens.de, cschuber@uumail.gov.bc.ca, imp@village.org, freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG, kaj@interbizz.se
Subject: Re: Found reason why lpr -r -s doesn't work as expected
Message-ID: <199808161444.QAA04591@internal>
In-Reply-To: <19980816162435K.kaj@interbizz.se> from Rasmus Kaj at "Aug 16, 98 04:24:35 pm"

> >>>>> "AA" == Andre Albsmeier <andre.albsmeier@mchp.siemens.de> writes:
>
> >> No. By revoking remote access to your lpd, e.g. firewall, you would
> >> still have an exposure that local users could exploit, which in this
> >> case revoking access to local users would solve the problem. I think
> >> you get the picture...
>
> AA> OK, thanks for the info. I have now changed printjob.c so that
> AA> removing files containing '/' still is forbidden except when it
> AA> starts with '/var/spool/samba/'. It's ugly but works.
>
> A 'serious' way to fix this (IMHO) would be to make lpd su to the user
> that requested the printout before removing any file at all. But this
> would probably be very hard to do ... Obvious catch: a remote user
> might print without even having an account on the host where lpd
> runs.

I thought of similar things but haven't come to a handy solution yet...
I don't know a lot about lpr/lpd interaction and how the cf files are
created and how remote printing works in detail. But maybe one day
I'll have a look at this. It's really annoying, especially because
samba prints with 'lpr -r -s'...

	-Andre
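
The removal rule described in the message, written out as an added example; this is not the actual printjob.c change, which the thread does not show. The function names are hypothetical, and refusing ".." components and non-regular files goes beyond what the message states: it is an assumption about what a prefix exception needs so that it cannot reach files outside '/var/spool/samba/'.

```c
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* From the message: the one directory outside the spool dir from
 * which removal is still permitted. */
#define ALLOWED_PREFIX "/var/spool/samba/"

/* Return 1 if 'name' may be removed, 0 otherwise (hypothetical helper). */
int removal_allowed(const char *name)
{
    size_t plen = strlen(ALLOWED_PREFIX);
    const char *p;

    if (name == NULL || *name == '\0')
        return 0;
    /* Original rule: a name without '/' stays in the current (spool) dir. */
    if (strchr(name, '/') == NULL)
        return strcmp(name, ".") != 0 && strcmp(name, "..") != 0;
    /* Exception from the message: must start with the samba spool path
     * and name something inside it, not the directory itself. */
    if (strncmp(name, ALLOWED_PREFIX, plen) != 0 || name[plen] == '\0')
        return 0;
    /* Assumption: a prefix match alone is not enough, so refuse any
     * ".." component that would walk back out of the directory. */
    for (p = name + plen; *p != '\0'; ) {
        size_t n = strcspn(p, "/");
        if (n == 2 && p[0] == '.' && p[1] == '.')
            return 0;
        p += n;
        if (*p == '/')
            p++;
    }
    return 1;
}

/* Remove 'name' only if the rule allows it and it is a regular file.
 * lstat() does not follow a symlink in the last component; the check
 * and the unlink() are not atomic, so the directory itself must not be
 * writable by untrusted users. Returns 0 on success, -1 otherwise. */
int remove_if_allowed(const char *name)
{
    struct stat st;

    if (!removal_allowed(name))
        return -1;
    if (lstat(name, &st) != 0 || !S_ISREG(st.st_mode))
        return -1;
    return unlink(name);
}
```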