Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 16 Aug 1998 16:24:35 +0200
From:      Rasmus Kaj <kaj@interbizz.se>
To:        andre.albsmeier@mchp.siemens.de
Cc:        kaj@interbizz.se
Subject:   Re: Found reason why lpr -r -s doesn't work as expected
Message-ID:  <19980816162435K.kaj@interbizz.se>
In-Reply-To: Your message of "Sun, 16 Aug 1998 15:45:28 %2B0200 (CEST)" <199808161345.PAA19691@internal>
References:  <199808161345.PAA19691@internal>

next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "AA" == Andre Albsmeier <andre.albsmeier@mchp.siemens.de> writes:

 >> No.  By revoking remote access to your lpd, e.g. firewall, you would 
 >> still have an exposure that local users could exploit, which in this 
 >> case revoking access to local users would solve the problem.  I think 
 >> you get the picture...

 AA> OK, thanks for the info. I have now changed printjob.c so that
 AA> removing files containing '/' still is forbidden except when it
 AA> starts with '/var/spool/samba/'. It's ugly but works. 

A 'serious' way to fix this (IMHO) would be to make lpd su to the user 
that requested the printout before removing any file at all. But this
would probably be very hard to do ... Obvious catch: a remote user
might print without even having an account on the host where lpd
runns.

// Rasmus

-- 
kaj@cityonline.se --------------- Rasmus Kaj - http://www.e.kth.se/~kaj/
 \               CityOnLine IB Production AB - http://www.CityOnLine.se/
  \------------------- HELP!  MY TYPEWRITER IS BROKEN! -- E. E. CUMMINGS

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980816162435K.kaj>