Printers should not be auto-added without permission from user
Bug #1716013 reported by
Greg Williams
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| gnome-settings-daemon (Ubuntu) |
Confirmed
|
Low
|
Unassigned | ||
Bug Description
If Ubuntu 17.04 or 17.10 connects to a network that has a printer, a dialog pops open telling me so-and-so printer has been added. What the heck?
First, why is the user not asked whether to add the printer or not?
Second, auto-adding devices from a network is bad security practice. What if it's a hostile network? It is well established that printers are a common attack vector on networks. Ubuntu's auto-adding printers is the kind of thing that should not be happening by default without some kind of dialog that asks for permission to add said printer. If this is not addressed, it's only a matter of time before this leads to a CVE for Ubuntu.
Revision history for this message
| Marc Deslauriers (mdeslaur) wrote | #1 |
Revision history for this message
| Greg Williams (greg2lapa) wrote | #2 |
| information type: | Private Security → Public Security |
Revision history for this message
| Sebastien Bacher (seb128) wrote | #3 |
| Changed in gnome-settings-daemon (Ubuntu): | |
| importance: | Undecided → Low |
| Changed in gnome-settings-daemon (Ubuntu): | |
| status: | New → Confirmed |
To post a comment you must log in.
Can I make this bug public?