Date: Wed, 18 Aug 1999 18:15:05 -0400 From: Garance A Drosihn <drosih@rpi.edu> To: David Scheidt <dscheidt@enteract.com> Cc: Matthew Dillon <dillon@apollo.backplane.com>, hackers@FreeBSD.ORG Subject: Re: lpd security check for changed-file vs NFS Message-ID: <v0421010fb3e0de64f102@[128.113.24.47]> In-Reply-To: <Pine.NEB.3.96.990818084611.33224A-100000@shell-2.enteract.com> References: <Pine.NEB.3.96.990818084611.33224A-100000@shell-2.enteract.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 8:48 AM -0500 8/18/99, David Scheidt wrote: >On Tue, 17 Aug 1999, Garance A Drosihn wrote: > > > At 6:37 PM -0700 8/17/99, Matthew Dillon wrote: > > > If you removed the stat test, I would simply get rid of the -s > > > option entirely - require that all files be queued to the print > > > spool. > > > > The administration would kill me. I would prefer to avoid that. > > > > (note that the check isn't completely removed, it's "only" nullified > > for NFS-mounted files. We use AFS for most things here, so the vast > >Couldn't you turn it off only for NFS mounted files? I first took this to mean "turn off the security check", but now I see it means "turn off the -s option". In thinking about this suggestion, I think that as long as I allow-but-ignore the option for nfs files, it might work out better than I initially thought it would. I don't want to completely reject '-s' because they have that embedded in a lot of scripts and canned procedures that I doubt they want to search for right now. But just ignoring the option for NFS files might not be too bad. I do keep thinking that they would have a fit if some 'lpr -s' didn't work because it ran out of space to copy the file into the spool directory. Still, I'll have to think about this some more. Thanks. > > Any advice on how to kick AIX so the st_dev+st_ino check will work > > right is also welcome. It baffles me why AIX does things the way it > > does. It kinda looks like the values it uses are pointers to some > >The joke about AIX is that it was created by aliens who were given the >UNIX documentation, but no example system. I have seen very little >that suggests this to be untrue. Everytime I start thinking "well AIX isn't TOO bad", something like this comes along to remind me... --- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or drosih@rpi.edu Rensselaer Polytechnic Institute To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v0421010fb3e0de64f102>