Hi Jerome, Jerome Alet [2007-06-07 21:42 +0200]: > Martin, you suggest a suid root backend to launch other CUPS > backends as root. Only as a temporary workaround. > This is not really possible as far as I know, for several reasons : It does work, since cups itself uses it for lpd. > the easiest way was certainely to > > chown root.root mybackend > chmod 700 mybackend (NB that 700 is not a Debian Policy compliant permission either, so we have to slightly change that for the backends we ship by default in the package. But that's not a problem as long as 700 works, too). > as specified in CUPS' documentation. > > don't forget that many CUPS backends are written in scripting languages, > and won't support being suid root. Right. As I pointed out in an earlier comment, the right thing to do (IMHO) is to change the derooting to make backend invocation compatible to upstream again. I'll look into that at some point. For now I'm just going to disable the derooting until we have a good solution for this. Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org
Attachment:
signature.asc
Description: Digital signature