Date: Fri, 10 Dec 1999 07:42:05 +0100 From: Andre Albsmeier <andre.albsmeier@mchp.siemens.de> To: Alfred Perlstein <bright@wintelcom.net> Cc: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>, Warner Losh <imp@village.org>, Garance A Drosihn <drosih@rpi.edu>, current@FreeBSD.ORG Subject: Re: NO! Re: [PATCHES] Two fixes for lpd/lpc for review and test Message-ID: <19991210074205.B12325@internal> In-Reply-To: <Pine.BSF.4.21.9912091427240.4557-100000@fw.wintelcom.net>; from bright@wintelcom.net on Thu, Dec 09, 1999 at 03:02:41PM -0800 References: <19991209153320.A62121@internal> <Pine.BSF.4.21.9912091427240.4557-100000@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 09-Dec-1999 at 15:02:41 -0800, Alfred Perlstein wrote: > On Thu, 9 Dec 1999, Andre Albsmeier wrote: > > ... > > > For better reference, here is the current patch: > > > > *** lpr.c.ORI Thu Dec 9 15:30:18 1999 > > --- lpr.c Thu Dec 9 15:30:35 1999 > > *************** > > *** 370,375 **** > > --- 370,405 ---- > > } > > if (sflag) > > printf("%s: %s: not linked, copying instead\n", name, arg); > > + /* > > + * If lpr was invoked with -r we try to move the file to > > + * be printed instead of copying and deleting it later. > > + * This works if the file and lpd's spool directory are > > + * on the same filesystem as it is often the case for files > > + * printed by samba or pcnfsd. In this case, a lot of I/O > > + * and temporary disk space can be avoided. Otherwise, we > > + * will continue normally. > > + */ > > + if (f) { /* file should be deleted */ > > + seteuid(euid); /* needed for rename() */ > > + if (!rename(arg, dfname)) { > > + int i; > > + #if 0 > > + chown(dfname, userid, getegid()); > > + chmod(dfname, S_IRUSR | S_IWUSR | > > + S_IRGRP | S_IWGRP); > > + #endif > > + seteuid(uid); /* restore old uid */ > > + if (format == 'p') > > + card('T', title ? title : arg); > > + for (i = 0; i < ncopies; i++) > > + card(format, &dfname[inchar-2]); > > + card('U', &dfname[inchar-2]); > > + card('N', arg); > > + nact++; > > + continue; > > + } > > + seteuid(uid); /* restore old uid */ > > + } > > if ((i = open(arg, O_RDONLY)) < 0) { > > printf("%s: cannot open %s\n", name, arg); > > } else { > > > > > > I don't have too much time to think about this, argue me this: Sure, please tell me if you don't want to get CC'ed on this anymore. > > why should I allow a user to print any file on the system? > > the race condition is still there. Right :-(. The file won't be given to the user anymore but he can print everything. However, there must be a solution for this... > > -Alfred > -Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991210074205.B12325>