From owner-freebsd-questions Sun Aug 16 07:28:50 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA15854 for freebsd-questions-outgoing; Sun, 16 Aug 1998 07:28:50 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from sussie.datadesign.se (ns.datadesign.se [194.23.109.130]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA15827; Sun, 16 Aug 1998 07:28:37 -0700 (PDT) (envelope-from kaj@interbizz.se) Received: from localhost (sussie.datadesign.se [194.23.109.130]) by sussie.datadesign.se (8.8.5/8.8.7) with ESMTP id QAA16228; Sun, 16 Aug 1998 16:24:36 +0200 (MET DST) To: andre.albsmeier@mchp.siemens.de Cc: cschuber@uumail.gov.bc.ca, imp@village.org, freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Cc: kaj@interbizz.se Subject: Re: Found reason why lpr -r -s doesn't work as expected From: Rasmus Kaj In-Reply-To: Your message of "Sun, 16 Aug 1998 15:45:28 +0200 (CEST)" <199808161345.PAA19691@internal> References: <199808161345.PAA19691@internal> X-Mailer: Mew version 1.92.4 on XEmacs 20.4 (Emerald) X-URL: http://www.e.kth.se/~kaj/ X-Phone: +46 (0)8 - 692 35 09 / +46 (0)70 640 49 14 X-Attribution: Kaj X-Face: M9cR~WYav<"fu%MaslX0`43PAYY?uIsM8[#E(0\Xuy9rj>4gE\h3jm.7DD?]R8*^7T\o&vT U@[53Dwkuup4[0@gw#~kyu>`unH?kVj9CJa02(h>Ki\+i=%rn%sDf^KC.!?IHkKjMAbkd\jgmphp^' d|Q;OeXEAhq?ybGqOs1CHb6TJT42'C`Krnk61//AOfXtNjj/t'`5>Vw0QX!dKfOL$.f+S"LIuwR<;I Z0Qnnx(F^F]o@*V%TUtEV'1Z[TkOl^FFV9Z~A[b19%}uP*,huCU Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <19980816162435K.kaj@interbizz.se> Date: Sun, 16 Aug 1998 16:24:35 +0200 X-Dispatcher: imput version 971024 Lines: 23 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> "AA" == Andre Albsmeier writes: >> No. By revoking remote access to your lpd, e.g. firewall, you would >> still have an exposure that local users could exploit, which in this >> case revoking access to local users would solve the problem. I think >> you get the picture... AA> OK, thanks for the info. I have now changed printjob.c so that AA> removing files containing '/' still is forbidden except when it AA> starts with '/var/spool/samba/'. It's ugly but works. A 'serious' way to fix this (IMHO) would be to make lpd su to the user that requested the printout before removing any file at all. But this would probably be very hard to do ... Obvious catch: a remote user might print without even having an account on the host where lpd runns. // Rasmus -- kaj@cityonline.se --------------- Rasmus Kaj - http://www.e.kth.se/~kaj/ \ CityOnLine IB Production AB - http://www.CityOnLine.se/ \------------------- HELP! MY TYPEWRITER IS BROKEN! -- E. E. CUMMINGS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message