cupsys: New configuration file doesn't enable access and error logging by default

Automatically imported from Debian bug report #263953 http://bugs.debian.org/263953

Message-ID: <email address hidden>
Date: Fri, 06 Aug 2004 13:54:20 +0200
From: Michal Pasternak <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: cupsys: New configuration file doesn't enable access and error logging by
 default

Package: cupsys
Version: 1.1.20final+rc1-5
Severity: grave
Justification: user security hole

Here are differences that I've found, while installing latest cupsys package:

 -AccessLog /var/log/cups/access_log
 +#AccessLog /var/log/cups/access_log

 -ErrorLog /var/log/cups/error_log
 +#ErrorLog /var/log/cups/error_log

 -PageLog /var/log/cups/page_log
 +#PageLog /var/log/cups/page_log

I think those settings should be enabled.

Also,

 -Printcap /etc/printcap.cups
 +Printcap /var/run/cups/printcap

I don't know whether cupsys on upgrade automatically moves that file or not.
Please check that. Thanks!

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages cupsys depends on:
ii adduser 3.59 Add and remove users and groups
ii debconf 1.4.30 Debian configuration management sy
ii gs-esp 7.07.1-9 The Ghostscript PostScript interpr
ii libc6 2.3.2.ds1-15 GNU C Library: Shared libraries an
pn libcupsimage2 Not found.
pn libcupsys2-gnutls10 Not found.
ii libgnutls11 1.0.16-4 GNU TLS library - runtime library
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libpaper1 1.1.14-0.3 Library for handling paper charact
ii libslp1 1.0.11-7 OpenSLP libraries
ii patch 2.5.9-2 Apply a diff file to an original
ii zlib1g 1:1.2.1.1-5 compression library - runtime

-- debconf information excluded

Message-Id: <email address hidden>
Date: Fri, 06 Aug 2004 21:47:28 +0900
From: Kenshi Muto <email address hidden>
To: <email address hidden>
Subject: Re: Bug#263953: cupsys: New configuration file doesn't enable access and error logging by
 default

At Fri, 06 Aug 2004 13:54:20 +0200,
Michal Pasternak wrote:
> Package: cupsys
> Version: 1.1.20final+rc1-5
> Severity: grave
> Justification: user security hole

Do you really understand what 'grave' means?

> Here are differences that I've found, while installing latest cupsys package:

What did you compare?

> -AccessLog /var/log/cups/access_log
> +#AccessLog /var/log/cups/access_log
> -ErrorLog /var/log/cups/error_log
> +#ErrorLog /var/log/cups/error_log
> -PageLog /var/log/cups/page_log
> +#PageLog /var/log/cups/page_log
>
> I think those settings should be enabled.

Of course they are already enabled. You would show correct log if you
check once. They are default value.

> Also,
> -Printcap /etc/printcap.cups
> +Printcap /var/run/cups/printcap

This is for Debian policy.
----------------------------------------
cupsys (1.1.19candidate4-1) unstable; urgency=low
    Move /etc/printcap.cups to /var/run/cups/printcap, since it's
    generated and non-editable. Also, take care of the /etc/printcap
    symlink. Closes: #187954.
----------------------------------------
--
Kenshi Muto
<email address hidden>

Invalid, and probably not applicable to the Warty version either

Message-ID: <email address hidden>
Date: Fri, 6 Aug 2004 09:18:14 -0700
From: Matt Zimmerman <email address hidden>
To: <email address hidden>
Subject: Re: Bug#263953: cupsys: New configuration file doesn't enable access and error logging by
 default

tags 263953 - security
thanks

--
 - mdz