From owner-freebsd-current  Tue Jul 22 17:56:17 1997
Return-Path: <owner-freebsd-current>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id RAA12278
          for current-outgoing; Tue, 22 Jul 1997 17:56:17 -0700 (PDT)
Received: from rover.village.org (rover.village.org [204.144.255.49])
          by hub.freebsd.org (8.8.5/8.8.5) with SMTP id RAA12273
          for <current@freebsd.org>; Tue, 22 Jul 1997 17:56:12 -0700 (PDT)
Received: from rover.village.org [127.0.0.1] 
	by rover.village.org with esmtp (Exim 1.60 #1)
	id 0wqpir-0004dK-00; Tue, 22 Jul 1997 18:56:09 -0600
To: current@freebsd.org
Subject: lpr/lpd changes
Date: Tue, 22 Jul 1997 18:56:09 -0600
From: Warner Losh <imp@rover.village.org>
Message-Id: <E0wqpir-0004dK-00@rover.village.org>
Sender: owner-freebsd-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


I'm in the process of making a bunch of lpr/lpd security changes from
OpenBSD.  There have been a bunch since the last merge that I did.
I'm doing this in stages to try to isolate where problems crop up.
The first set is merging NetBSD/OpenBSD's seteuid() patches so that
lpr/lpd runs at a minimum privs most of the time.  A few buffer
overflowish patches snuck in because they were close to the seteuid
stuff in the diffs.  I say NetBSD/OpenBSD because I can't tell for
sure from the OpenBSD CVS tree where exactly they came from, but it
looks like they modified them slightly from the NetBSD version (and
I've not checked NetBSD to see if they have the same changes too).  So
no offense is intended if I have misattributed these patches, but I
did my best to not do that.

The next set will be a boatload of buffer overflows (some of which
aren't possible, or are possible only as root, but some look
dangerous).

Please let me know if I've broken anything.  Once these patches have
been vetted in -current, I plan on merging back into 2.2.

Warner