Date:      Thu, 06 Jul 2000 19:46:53 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        papowell@astart.com
Cc:        sheldonh@uunet.co.za, andrews@technologist.com, arch@FreeBSD.ORG, will@almanac.yi.org
Subject:   Re: was: Bringing LPRng into FreeBSD? 
Message-ID:  <200007070247.e672l2R73279@cwsys.cwsent.com>
In-Reply-To: Your message of "Wed, 05 Jul 2000 20:33:51 PDT." <200007060333.UAA23827@h4.private> 

In message <200007060333.UAA23827@h4.private>, papowell@astart.com 
writes:
> > From sheldonh@axl.ops.uunet.co.za Mon Jun 26 02:46:32 2000
> > From: Sheldon Hearn <sheldonh@uunet.co.za>
> > To: arch@FreeBSD.ORG
> > cc: papowell@astart.com
> > Subject: Re: was: Bringing LPRng into FreeBSD? 
> > Date: Mon, 26 Jun 2000 11:46:23 +0200
> >
> >
> > Could someone just enumerate the advantages of importing LPRng?  It
> > seems to be a package which can be made to do everything FreeBSD's lpr
> > can do, but it does not seem to be a superset of FreeBSD's lpr.  This
> > means that there is a cost associated with bringing it in as a
> > replacement.
> >
> > Are we sure that the cost is justified?  Is it so much better than the
> > existing lpr that having it available as a port is "not enough"?
> >
> > I have no strong opinion one way or the other, but I do get the feeling
> > that this thread has skipped an important issue, instead focusing on
> > licensing.  This looks like a little cart before horse.
> 
> I started the work on LPRng with one major goal in mind: make it
> secure when used in a Computer Science Laboratory.  For example,
> LPRng does not need to run SETUID root unless compatibility with
> vintage or legacy printing systems is required.  The code is
> extremely paranoid about all buffer sizes, string lengths, and so
> forth, and goes to great lengths to check for various known hacker
> attacks as well.  In addition, there are facilities to use
> encryption and Kerberos based authentication to prevent abuse
> of the printing system.

An additional degree of security can be obtained by removing the setuid 
bit from Berkeley lpr and running it setgid "lpr".  One could even turn 
off the setgid bit and make the lpd spool directories world writable 
with the sticky bit turned on.  Of course this comes at the price of 
reduced functionality, e.g. lpr -r won't work any more.

I'd suggest making lpr setgid "lpr" or running LPRng "secured" and 
providing instructions or a script for sysadmins to enable/disable the 
additional functionality by turning on/off the setuid bit.

Posix.1e will go a long way to mitigate some of these issues and may 
make much of this moot.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC
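
Added example, not part of the original message and not FreeBSD's or LPRng's own tooling: one way to write the enable/disable script suggested above, covering the setuid, setgid-only and no-privilege (sticky world-writable spool) configurations. The function names and the binary and spool paths passed in are assumptions; the binary's group ownership (e.g. "lpr") is expected to be set separately.

```shell
#!/bin/sh
# Added example: switch a print client between privilege configurations.
# Function names are hypothetical; paths are supplied by the caller.

# Report which privilege bits the binary currently carries.
lpr_state() {
    if [ -u "$1" ]; then echo setuid
    elif [ -g "$1" ]; then echo setgid-only
    else echo plain
    fi
}

# "Secured": drop setuid, keep setgid so the binary runs with its group.
lpr_secure() {
    chmod u-s,g+s "$1" && lpr_state "$1"
}

# "Full": restore setuid for functionality such as lpr -r.
lpr_full() {
    chmod u+s "$1" && lpr_state "$1"
}

# True if the spool directory is world-writable with the sticky bit set.
spool_is_sticky() {
    case "$(ls -ld "$1")" in
        d???????w[tT]*) return 0 ;;
        *) return 1 ;;
    esac
}

# No privilege bits on the binary: the spool directory must then be
# world-writable, with the sticky bit protecting other users' files.
lpr_unprivileged() {   # usage: lpr_unprivileged BINARY SPOOLDIR
    chmod u-s,g-s "$1" && chmod 1777 "$2" && lpr_state "$1"
}

# Command-line use: script {status|secure|full} BINARY
#                   script unprivileged BINARY SPOOLDIR
case "${1:-}" in
    status)       lpr_state "$2" ;;
    secure)       lpr_secure "$2" ;;
    full)         lpr_full "$2" ;;
    unprivileged) lpr_unprivileged "$2" "$3" ;;
esac
```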