NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: bin/36540: a mass of fixes for lpr

The following reply was made to PR bin/36540; it has been noted by GNATS.

From: David Holland <>
Subject: Re: bin/36540: a mass of fixes for lpr
Date: Sat, 9 Feb 2008 06:04:50 +0000

 Unfortunately, you cannot just remove all the seteuid() calls that
 bracket privileged operations: if you continue to run the programs
 privileged, they will be insecure, and if you don't, they won't work.
 You've replaced only one such block (out of many) with alternate code,
 and that alternate code assumes that the process be running with
 privilege. (Which means you've made it insecure rather than making it
 not work.)
 Real privilege separation code for lpr/lpd would probably be a good
 thing. This isn't it though and I'm afraid it's not even really a step
 in the right direction.
 David A. Holland

Home | Main Index | Thread Index | Old Index