[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: cupsys (was: Re: lprng as 'stantard' package)



On Sun, 23 Jul 2000, Jeff Licquia wrote:
> On Fri, Jul 14, 2000 at 06:53:23PM -0300, Henrique M Holschuh wrote:
> > Yes, and that's my grip with it so far. Unless the code HAS to include a
> > modified GS instead of interfacing to an installed GS for a very, very good
> > **technical** reason, that's a rather ugly way to solve a problem. 
> 
> The main reason cupsys includes GS is laziness; Easy Software Products
> did some things to it that I don't fully understand yet, and I'm loath
> to pull it out without a working replacement.

They did some heavy customizing and I *think* some bugfixing in GS' internal
ps files as well. THAT is beyond my current abilities to judge, as I don't
speak PostScript :-(

They also changed a lot of stuff inside the GS interpreter when dealing with
Media and Page size. It works I guess, but I'd not touch that mess with a 2m
pole without a fairy good understaining of GS in the bag, so to speak.

> > Besides, something called the Common UNIX Printing System HAS to follow the
> > Unix way, ne? That means piping through GS, not including it... even if it

Upstream has not been very nice in that specific point. Well, as long as
they don't mind critcisms and patches, it's not a big problem.

> I haven't seen the KPP front end; I'll have to take a look, and
> package it (that is, if it isn't already).

Please do, KPP is a very good thing to have along with CUPS.

> > cannot be avoided, as IPP is layered over http. But cupsys also serves a lot
> > of help docs through its http layer, which might need some automatic
> > disabling or something like that when the -doc package isn't installed.
> 
> This is something I've been thinking about.  One possibility: the
> index page (which contains the link to the documentation) could be an
> alternative, with the default cupsys one not including a documentation
> link, and the cupsys-doc one including it.  I believe that the docs
> are all referenced from a central start link, so removing one link
> will suffice.

You'd just need to point the index page to
http://www.cups.org/documentation.html, if the local documentation isn't
installed.

> Don't think it's possible now, except by doing things like listening
> on localhost only.  That's because the same interface that allows you

I think you can Deny from All just about everything in /etc/cups/cupsd.conf,
but I haven't tested that yet.

> > I'm worried about cupsys' security. It has too much "nifty network
> > awareness" (i.e.: browsing, serving files(!) and running cgi scripts(!!))
> > for my tastes, Personally, I'll not trust it in a hostile network until I
> > have a LOT of time to look at it closer.
> 
> Point granted here.  There's been one DoS already, as well as an issue
> with a broadcast autodiscovery system CUPS can use (the existence of
> the broadcast tipped off some intrusion detection systems, which
> wasn't cool).  I can't imagine these will be the last.

Nor do I. As long as I can tell CUPS to stop playing like a Windows box in
the network... :-)

> > - To try to take advantage of magicfilter... or incorporate all that
> >   conversion support that magicfilter already has (at the very least DVI,
> >   compressed data and *roff). If CUPS has a fallback system for conversions,
> >   a wrapper script could be written I guess...
> 
> There's a wishlist bug for cupsys to recognize DVI already, so 'lpr
> file.dvi' would work.  This might be an interesting option; I can't

I'll get into it. Expect the full magicfilter stuff (DVI included) in one
month or two, maybe sooner.

I'm not a developer, so you'd either need to package it or sponsor me. But
it'll get done.

> > - To integrate CUPS with the distribution's font system (it really should
> >   share fonts AND font configuration with the gs-* packages) if that isn't
> >   done yet.  I know I would be VERY ticked off if I found out that my
> >   postscript stuff wasn't printing correctly because cupsys' embebedded
> >   postscript rasterizer was not even trying to use the postscript fonts
> >   installed in the system. I assume others might not like it either :-)
> 
> Be ticked off.  As of now, it doesn't.

I fixed that one already. Now it does. I even learned autoconf in the
process :-)

BTW: Make sure TempDir is set to something in the default
/etc/cups/cupsd.conf, otherwise pstoraster will crap tempfiles all over
/var/spool/cups/tmp (or crash if it isn't allowed to do it).

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Attachment: pgp8KDhDJ4Hat.pgp
Description: PGP signature


Reply to: