[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Password checking API
From: Michael Goffioul <goffioul () imec ! be>
Date: 2001-10-03 8:28:13
[Download RAW message or body]
> It may just be me, but if CUPS is a centralized toolset, then knowing the
> password of the user is fairly unlikely, just as unlikely as having the
> account on the same machine you are on. Wouldn't it be more likely that
> you would have the controlling password for the CUPS server then the
> account for the user whose job (not yours) you want to remove? In reality
> though, if the CUPS server is only checking the username than it already
> has a security problem. There should be a check against the requesting IP
> and the original user.
You're right. Changing the username to root to remove someone else's job
only makes sense if the CUPS server is on localhost, but this is a restriction
that can be introduced on client side. As I understand how CUPS works, it's
the client responsability to insure that the "requesting-user-name" is
the right one. If you set it to root in your request when posting a job,
the root is the owner of the job, even if you're not really root. This is
the same when removing a job: the client has to set the username correctly
to avoid introducing security hole.
That's why I wanted an authentification mechanism: to authenticate the
requested username before changing it. However this can only be done if
the server runs on localhost.
Michael.
--
------------------------------------------------------------------
Michael Goffioul IMEC-DESICS-MIRA
e-mail: goffioul@imec.be (Mixed-Signal and RF Applications)
Tel: +32/16/28-8510 Kapeldreef, 75
Fax: +32/16/28-1515 3001 HEVERLEE, BELGIUM
------------------------------------------------------------------
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic