From owner-freebsd-bugs Fri Apr 14 23:58:33 1995
Return-Path: bugs-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id XAA01880 for bugs-outgoing; Fri, 14 Apr 1995 23:58:33 -0700
Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id XAA01865 for ; Fri, 14 Apr 1995 23:58:27 -0700
Received: from sax.sax.de by irz301.inf.tu-dresden.de with SMTP (5.67b+/DEC-Ultrix/4.3) id AA24898; Sat, 15 Apr 1995 08:58:22 +0200
Received: by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id IAA02748; Sat, 15 Apr 1995 08:58:22 +0200
Received: (from j@localhost) by uriah.heep.sax.de (8.6.11/8.6.9) id HAA01352; Sat, 15 Apr 1995 07:48:33 +0200
From: J Wunsch
Message-Id: <199504150548.HAA01352@uriah.heep.sax.de>
Subject: Re: bin/342: lpd can allow users access to all of root's groups
To: pritc003@maroon.tc.umn.edu
Date: Sat, 15 Apr 1995 07:48:32 +0200 (MET DST)
Cc: freebsd-bugs@freefall.cdrom.com
In-Reply-To: <199504141530.IAA20683@freefall.cdrom.com> from "pritc003@maroon.tc.umn.edu" at Apr 14, 95 08:30:01 am
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
X-Phone: +49-351-2012 669
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Content-Length: 719
Sender: bugs-owner@FreeBSD.org
Precedence: bulk

As pritc003@maroon.tc.umn.edu wrote:
>
> If a /etc/printcap entry is set up to use a filtering program that
> allows the user some control over it (e.g. apsfilter), then the user
> can run commands as user daemon with all of root's groups.

It's arguable that this is a bug in apsfilter as well. (And actually,
just *this* is the reason why Andreas Klemm didn't yet offer a port of
apsfilter to FreeBSD - he knows about this bug/problem.)

OTOH, it seems to be a good idea to switch UIDs regardless of this
problem, since lpr filters tend to be shell scripts in some cases.
--
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/
Never trust an operating system you don't have sources for. ;-)
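The report above describes a filter running as user daemon while still holding root's groups, which is what results when a root-started process changes only its UID. The following is an added example, not code from lpd, the PR, or either poster: `leftover_groups` and `drop_to` are hypothetical names, and the group IDs in the sample list are constructed. It shows the order in which a daemon can shed supplementary groups, GID and UID before running a filter, and a check that nothing was left behind.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE          /* glibc: expose setgroups() */
#endif
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed sample: a supplementary group list a root-started daemon
 * might carry (values are illustrative, not taken from the report). */
static const gid_t constructed_groups[] = { 0, 2, 5, 1 };

/* Count groups other than `keep`: what a filter would still inherit if
 * only the UID were switched. */
int leftover_groups(const gid_t *groups, int n, gid_t keep)
{
    int extra = 0;
    for (int i = 0; i < n; i++)
        if (groups[i] != keep)
            extra++;
    return extra;
}

/* Drop from root to uid/gid before exec'ing a filter (hypothetical helper).
 * Groups and GID go first, while the process is still root; setuid() is
 * last because it removes the right to change the others.
 * Returns 0 on success, -1 on any failure (caller must not exec). */
int drop_to(uid_t uid, gid_t gid)
{
    gid_t now[64];
    int n;

    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)          /* root must be unrecoverable */
        return -1;
    n = getgroups(64, now);                  /* fails if more than 64 remain */
    if (n < 0 || leftover_groups(now, n, gid) != 0)
        return -1;
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

int main(void)
{
    int n = (int)(sizeof constructed_groups / sizeof constructed_groups[0]);
    printf("UID-only switch to gid 1 leaves %d extra group(s)\n",
           leftover_groups(constructed_groups, n, 1));
    return 0;
}
```

`drop_to` only succeeds when called as root; a caller should treat any non-zero return as fatal and not start the filter.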