Bug#386325: marked as done (cupsys: lpd backend not setuid)

To: Kenshi Muto <kmuto@debian.org>
Subject: Bug#386325: marked as done (cupsys: lpd backend not setuid)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 09 Dec 2006 07:50:18 -0800
Message-id: <[🔎] handler.386325.D386325.116567815328696.ackdone@bugs.debian.org>
References: <20061209152909.6718C1A7DDC@mail.topstudio.co.jp> <20060906191221.14040.95264.reportbug@roadrunner.cs.arizona.edu>

Your message dated Sun, 10 Dec 2006 00:29:09 +0900
with message-id <20061209152909.6718C1A7DDC@mail.topstudio.co.jp>
and subject line [Pkg-cups-devel] Bug#386325: cupsys: lpd backend not setuid
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: cupsys: lpd backend not setuid
From: "John H. Hartman" <jhh@CS.Arizona.EDU>
Date: Wed, 06 Sep 2006 12:12:21 -0700
Message-id: <20060906191221.14040.95264.reportbug@roadrunner.cs.arizona.edu>

Package: cupsys
Version: 1.2.2-2
Severity: normal


/usr/lib/cups/backend-available/lpd must be setuid root for it to be
able to create a reserved port to connect to the server, as some servers
require. The setuid bit is not set during installation causing the
backend to fail with a cryptic error message. 


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-1-em64t-p4-smp
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)

Versions of packages cupsys depends on:
ii  adduser                  3.97            Add and remove users and groups
ii  cupsys-common            1.2.2-2         Common UNIX Printing System(tm) - 
ii  debconf [debconf-2.0]    1.5.3           Debian configuration management sy
ii  gs-esp                   8.15.2.dfsg.1-2 The Ghostscript PostScript interpr
ii  libc6                    2.3.6.ds1-4     GNU C Library: Shared libraries
ii  libcupsimage2            1.2.2-2         Common UNIX Printing System(tm) - 
ii  libcupsys2               1.2.2-2         Common UNIX Printing System(tm) - 
ii  libdbus-1-2              0.62-4          simple interprocess messaging syst
ii  libgnutls13              1.4.2-1         the GNU TLS library - runtime libr
ii  libldap2                 2.1.30-13+b1    OpenLDAP libraries
ii  libpam0g                 0.79-3.2        Pluggable Authentication Modules l
ii  libpaper1                1.1.20          Library for handling paper charact
ii  libslp1                  1.2.1-5         OpenSLP libraries
ii  lsb-base                 3.1-15          Linux Standard Base 3.1 init scrip
ii  patch                    2.5.9-4         Apply a diff file to an original
ii  perl-modules             5.8.8-6.1       Core Perl modules
ii  procps                   1:3.2.7-2       /proc file system utilities
ii  xpdf-utils [poppler-util 3.01-9          Portable Document Format (PDF) sui
ii  zlib1g                   1:1.2.3-13      compression library - runtime

Versions of packages cupsys recommends:
ii  cupsys-client           1.2.2-2          Common UNIX Printing System(tm) - 
ii  foomatic-filters        3.0.2-20060712-3 linuxprinting.org printer support 
ii  smbclient               3.0.23c-1        a LanManager-like simple client fo

-- debconf information:
* cupsys/raw-print: true
* cupsys/ports: 631
* cupsys/backend: ipp, lpd, parallel, socket, usb
  cupsys/portserror:
* cupsys/browse: true

--- End Message ---

--- Begin Message ---

To: 386325-done@bugs.debian.org

Subject: Re: [Pkg-cups-devel] Bug#386325: cupsys: lpd backend not setuid

From: Kenshi Muto <kmuto@debian.org>

Date: Sun, 10 Dec 2006 00:29:09 +0900

Message-id: <20061209152909.6718C1A7DDC@mail.topstudio.co.jp>

In-reply-to: <20060906191221.14040.95264.reportbug@roadrunner.cs.arizona.edu>

References: <20060906191221.14040.95264.reportbug@roadrunner.cs.arizona.edu>
Version: 1.2.4-2
thanks

At Wed, 06 Sep 2006 12:12:21 -0700,
John H. Hartman wrote:
> /usr/lib/cups/backend-available/lpd must be setuid root for it to be
> able to create a reserved port to connect to the server, as some servers
> require. The setuid bit is not set during installation causing the
> backend to fail with a cryptic error message. 

Since 1.2.4-2, lpd backend has a permission 0700 root:root.
When CUPS scheduler can't run backend as unprivilege user,
scheduler will launch backend as root. So lpd backend
in current version will be running as root.
Although it seems bit strange way, this is the design of
upstream (well, setuid-root seems more dangerous).

Thanks,
-- 
Kenshi Muto
kmuto@debian.org
--- End Message ---

Reply to:

Prev by Date: Bug#138726: eel razor blade
Next by Date: Bug#399911: [Pkg-cups-devel] Bug#399911: cupsys: Prefer a debconf question to enable remote administration
Previous by thread: Bug#138726: eel razor blade
Next by thread: Bug#399911: [Pkg-cups-devel] Bug#399911: cupsys: Prefer a debconf question to enable remote administration
Index(es):
- Date
- Thread