Comment 19 for bug 154277
Revision history for this message
| Martin Pitt (pitti) wrote Re: [Bug 154277] Re: cups serial backend failed with Permission denied | #19 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Hi Loye,
Loye Young [2008-12-10 19:02 -0000]:
> I can tolerate the "fix" as a stopgap, but alarms are going off in my
> head that it's a bad idea.
Your caution is appreciated, however, I'm afraid with cups all bets
are off already. At the moment, cups' idea of security is pretty
backwards, the central daemon which does the network configuration and
lots of parsing runs as root, while some backends which access the
hardware run as unprivileged user. So running the serial backend as
root doesn't really change attack vectors here, if you break cupsd,
you have root in either case. Thus the change in this bug seems
acceptable to me.
For the historians, we carried a huge patch to make cupsd run as
unprivileged system user, but it caused way too many problems, and
since the need for it keeps being neglected by upstream, we can't work
against that forever. We replaced it with a relatively tight AppArmor
profile.