On Tue, 6 Jul 2004 19:37:31 -0400 Gregory Seidman <gss+debian@cs.brown.edu> wrote: <snip> > If xprint is broken, that's bad. However... > > [...] > } configuring xprint seems to be a major project/hack. > [...] > > ...I installed xprt-xprintorg with no difficulty. I then attempted to > print and, with absolutely no configuration on my part, it happily > found my CUPS printers. Furthermore, it still has a file output option > which produces Postscript. I think people are overreacting a bit here. That sounds great when it actually works. No such luck here, however. Instead I got my logs filled with error messages and the printer never spit out a page. I haven't had time to troubleshoot the error messages very much, but they weren't immediately helpful. Postscript, however, works very nice when output to Cups. But adding an extra step to print to file and then have the file output to the printer isn't fun. > } > As it now stands your choices are A) not print or B) downgrade to > } > a version that predates the brain damage. > [...] > > This is just FUD. And how so? Simply because it "just worked" for you? Assuming the Postscript printing vulnerability doesn't have an easy fix, why couldn't the developer simply make xprt the default and include a note about why he did it. It certainly wouldn't be the first package in Debian that gives you the option to do something insecure, but first warns you about all the bad things that might happen. Jacob -- GnuPG Key: 1024D/16377135 Random .signature #45: NT == No Thanks
Attachment:
pgpJKejwqFCFW.pgp
Description: PGP signature