
Bug#263796: marked as done (please don't run cupsys as root)



Your message dated Fri, 7 Mar 2008 22:02:19 +0100
with message-id <20080307210219.GA18063@piware.de>
and subject line Closing
has caused the Debian Bug report #263796,
regarding please don't run cupsys as root
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
263796: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=263796
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: cupsys
Version: 1.1.20final+rc1-4
Severity: wishlist
Tags: patch

Hi!

cupsd currently runs as root, which is a big security hole and way
more than necessary.

I prepared an updated package which lets cupsd run as normal user
cupsys and under a few auxiliary groups (which are necessary). The
changelog entry is:

|cupsys (1.1.20final+rc1-4ubuntu1) unstable; urgency=low
|
|  * added patch 33auxgroups: support running the cups server under auxiliary
|    groups
|  * added patch 34confRunAsUser: default cupsd.conf: add and enable RunAsUser
|  * cupsys.postinst: 
|    - create a user 'cupsys' and put it into groups lp, shadow, and dialout
|    - create /var/run/cups/ with owner cupsys (if it does not exist, it is
|      created with owner root and cupsd cannot write into it any more)
|  * cupsys.postrm: remove user cupsys
|  * debian/rules: configure with --with-cups-user=cupsys
|
| -- Martin Pitt <mpitt@debian.org>  Tue,  3 Aug 2004 18:17:59 +0200

You can get the interdiff against revision -4 from

   http://bye-bye-root.no-name-yet.com/patches/cupsys.min-privileges.diff

This patch has been tested successfully by several people now.

Thanks for considering and have a nice day!

Martin

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.7+skas-amd
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro

Versions of packages cupsys depends on:
ii  adduser                3.59              Add and remove users and groups
ii  debconf                1.4.30            Debian configuration management sy
ii  gs-esp                 7.07.1-9          The Ghostscript PostScript interpr
ii  libc6                  2.3.2.ds1-14      GNU C Library: Shared libraries an
ii  libcupsimage2          1.1.20final+rc1-4 Common UNIX Printing System(tm) - 
ii  libcupsys2-gnutls10    1.1.20final+rc1-4 Common UNIX Printing System(tm) - 
ii  libgnutls11            1.0.16-4          GNU TLS library - runtime library
ii  libpam0g               0.76-22           Pluggable Authentication Modules l
ii  libpaper1              1.1.14-0.3        Library for handling paper charact
ii  libslp1                1.0.11-7          OpenSLP libraries
ii  zlib1g                 1:1.2.1.1-5       compression library - runtime

-- debconf information:
  cupsys/raw-print: true
  cupsys/backend: ipp, lpd, parallel, socket, usb

-- 
Martin Pitt                 Debian GNU/Linux Developer
martin@piware.de                      mpitt@debian.org
http://www.piware.de             http://www.debian.org



--- End Message ---
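
The changelog above has cupsd running as user cupsys with auxiliary groups lp, shadow and dialout. As an added example (not part of the original message or of the Debian/Ubuntu packaging), this shell function audits a `/proc/<pid>/status` snapshot for that outcome; the function names, the numeric IDs and the sample snapshots are constructed for illustration.

```shell
#!/bin/sh
# Constructed snapshots in /proc/<pid>/status format; all IDs are made up.
sample_dropped() {   # daemon running as an unprivileged user
    printf 'Name:\tcupsd\nUid:\t107\t107\t107\t107\nGid:\t7\t7\t7\t7\nGroups:\t7 20 42\n'
}
sample_root() {      # daemon still running as root
    printf 'Name:\tcupsd\nUid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\nGroups:\t0\n'
}

# status_field FIELD: print the values of the "FIELD:" line read from stdin,
# separated by single spaces.
status_field() {
    awk -v f="$1:" '$1 == f { $1 = ""; sub(/^[ \t]+/, ""); print; exit }'
}

# audit_status "GID GID ...": read a status snapshot on stdin.
# Prints "ok" and returns 0 when none of the real, effective, saved or
# filesystem UIDs is 0 and every required GID appears in Gid or Groups.
# Otherwise prints the first problem found and returns 1.
# Live use: audit_status "<required gids>" < /proc/<pid>/status
audit_status() {
    required="$1"
    snapshot=$(cat)
    uids=$(printf '%s\n' "$snapshot" | status_field Uid)
    gids="$(printf '%s\n' "$snapshot" | status_field Gid)"
    gids="$gids $(printf '%s\n' "$snapshot" | status_field Groups)"
    [ -n "$uids" ] || { echo "no Uid line"; return 1; }
    for u in $uids; do
        [ "$u" -ne 0 ] || { echo "runs with uid 0"; return 1; }
    done
    for want in $required; do
        case " $gids " in
            *" $want "*) ;;
            *) echo "missing group $want"; return 1 ;;
        esac
    done
    echo "ok"
}
```
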
--- Begin Message ---
Hi,

we have done this for a while in Ubuntu, but due to upstream's
absolute unwillingness to even discuss this we gave up maintaining
this patch. We now use an apparmor policy which is much easier to
maintain.

Martin

-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)


--- End Message ---
