[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Security question [#58427]
From:       Waldo Bastian <bastian () kde ! org>
Date:       2003-05-14 10:03:39
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 14 May 2003 10:35, Michael Goffioul wrote:
> I'm looking for external opinions. See
>
> http://bugs.kde.org/show_bug.cgi?id=58427

"When cupsdoprint is killed, the kprinter application is displaying a message 
that shows the user id and password it was trying to use."

If that's true, then that's a security concern. It shouldn't display the 
password. (See also http://bugs.kde.org/show_bug.cgi?id=57366 btw)

I don't see a problem allowing a user to print using another user-id. If the 
user has the credentials to do so, he is apparantly allowed to do so.

Cheers,
Waldo
- -- 
bastian@kde.org -=|[ SuSE, The Linux Desktop Experts ]|=- bastian@suse.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+whR7N4pvrENfboIRAkqeAKCVWKic9CWhXWpN3NS5l4LUeQHEbgCfbB3t
657sZTpy0a+Bo2II4nmyI6U=
=PWv0
-----END PGP SIGNATURE-----


[prev in list] [next in list] [prev in thread] [next in thread]