Re: [RFR] templates://foomatic-filters/{foomatic-filters.templates}
Christian Perrier wrote:
> Your review should be sent as an answer to this mail.
Another one I haven't got much to say about.
> _Description: Enable logging debug output into a logfile (INSECURE)?
> + If you choose this option, the logfile will be named /tmp/foomatic-rip.log.
> .
> + This option is a potential security issue and should not be used
> + in production. However, if you are having trouble printing, you should
> + enable it and include the logfile in bug reports.
>
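Review bot: the added line naming /tmp/foomatic-rip.log and the added paragraph calling the option "a potential security issue" are never connected. The text does not say what the risk is, and it asks users to enable the option and attach the logfile without telling them to switch it off afterwards. Suggest giving the reason in one clause and closing with something like "Disable the option again once the log has been collected."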
> The logfile by itself is not the security issue. It's having it and
> the software logging to it that is a risk.
I was thinking it's unwise to make it a predictably-named file in a
world-writable directory instead of using /usr/bin/tempfile. What
if some joker gets there first with a symlink to /etc/password? But
that's probably outside the scope of this review.
> The installation process may have already detected the correct
> - spooler; however, if this is the first time you are installing
> - Debian, or you somehow have more than one spooler installed on your
> - system, the detected spooler may be incorrect.
> + spooler; however, if this is the first installation of this system,
> + or if more than one spooler is installed,
> + the detected spooler may be incorrect.
>
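Review bot: in the first added line, "the first installation of this system" does not say which system is meant, and in a paragraph about spoolers it can be read as the printing system rather than the operating system. Suggest naming it, for example "if the operating system has just been installed". The second added line is also cut short at "installed,"; rewrap the three added lines evenly.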
> Unbranding.
Instead of "first" installation, say "initial". If I repeatedly
reformat my hard drive and reinstall, that won't make it any more
likely to succeed the second or third time! What does matter is
whether you've already got a working desktop environment before you
add (something that pulls in) foomatic-filters.
--
JBR
Ankh kak! (Ancient Egyptian blessing)
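The concern raised in this message, a fixed log name in /tmp that someone else can create first as a symlink, shown as an added example that is not part of the original mail and is not foomatic-rip's code. The function names, the scratch directory and the 8-byte target file are assumptions constructed for the illustration.

```c
/* Added example, not foomatic-rip's code; all paths sit in a private scratch dir. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak: fixed name; follows an existing symlink and truncates its target. */
int open_log_predictable(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Hardened fixed name: O_EXCL fails (EEXIST) if the name exists, symlink or not. */
int open_log_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Preferred: mkstemp() picks an unpredictable name, created O_EXCL with mode 0600. */
int open_log_unique(const char *dir, char *out, size_t len) {
    if (snprintf(out, len, "%s/foomatic-rip.XXXXXX", dir) >= (int)len)
        return -1;                        /* path would not fit */
    return mkstemp(out);
}

/* Constructed scenario: a symlink already holds the log's name. Returns the size
 * of the symlink's target after opener() ran on that name, or -1 on setup error. */
long target_size_after(int (*opener)(const char *)) {
    char dir[] = "/tmp/logdemo.XXXXXX", target[64], lnk[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/important", dir);
    snprintf(lnk, sizeof lnk, "%s/foomatic-rip.log", dir);
    FILE *f = fopen(target, "w");
    if (!f) return -1;
    fputs("keep me\n", f);                /* 8 bytes of existing content */
    fclose(f);
    if (symlink(target, lnk) != 0) return -1;
    int fd = opener(lnk);
    if (fd >= 0) close(fd);
    long size = stat(target, &st) == 0 ? (long)st.st_size : -1;
    unlink(lnk); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    printf("predictable: target now %ld bytes\n", target_size_after(open_log_predictable));
    printf("exclusive:   target now %ld bytes\n", target_size_after(open_log_exclusive));
    return 0;
}
```

With the exclusive open the logger gets an error instead of a file descriptor, so the caller has to treat that failure as "do not log" rather than falling back to the weak open.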