Bug#702227: Permission of the backend too strict for a backend chain (beh, jasmine)
> As far as I can tell, all chained configurations that go through cups are
> working correctly, so that's definitely a minor issue for standard use cases.
Ok for 'jasmine', but 'beh' is a rather ''standard'' backend, that i
use extensively for some ''broken'' printers or print servers... very
useful if you don't want to be called on saturday morning at home...
> @Till: do you have an opinion on this bug ? I tend to think that as the
> default chaining through cups works, it's not worth fixing, but I'd welcome
> your input there.
I've a question: why (for example...) the 'ipp' backend have
permission:
gaio@eraldo:~$ ls -la /usr/lib/cups/backend/ipp
-rwxr--r-- 3 root root 43328 15 gen 04.08 /usr/lib/cups/backend/ipp
744 root.root? It really brake the CUPS security model to have it
root.lp, 754 (or 750)?
Probably i don't know CUPS (and indeed it is true ;), but i don't
understood why the 'lp' group have to not execute the backend... while
for example the 'socket' backend:
gaio@eraldo:~$ ls -la /usr/lib/cups/backend/socket
-r-xr-xr-x 2 root root 29988 15 gen 04.08 /usr/lib/cups/backend/socket
it is even executable by everyone?
I restate: i'm an ignorant, but seems to me that simply backend
permission is a mess... ;-)))
Thanks.
Reply to: