[cups.development] [RFE] STR #2370: Provide a configure option for running the server as non-root

Martin Pitt martin.pitt at canonical.com
Tue May 1 23:20:33 PDT 2007


Hi Mike,

Michael Sweet [2007-04-30  9:22 -0400]:
> By running as an unprivileged user, you lose all Kerberos support,

I haven't used Kerberos so far, but that seems weird to me. Other
services like PostgreSQL use Kerberos happily without *ever* running
as root, and an authentication protocol which would only work as root
would be really strange.

> LPD support,

-rwsr-xr-- 1 root lp 23724 2007-04-04 10:38 /usr/lib/cups/backend/lpd

> certificate support, 

Hm? Why would you need to be root just to read and write a file with a
random number? Certificates work fine with the patch, and they have
worked with 1.1 and RunAsUser in the past (with some bug fixes AFAIR,
though).

> and proxy authentication support.  

I did not try this out yet, but passing authentication credentials
around does not sound like needing any root privileges (squid runs the
main stuff as normal system user as well). Can you explain that in
more detail, please?

> CUPS *needs* to run as root. We will not add this patch.

I have yet to see a technical argument for that. NB that there are
actually very few reasons why some application would need root
privileges, such as permanent low-level hardware access or permanent
opening/closing of privileged sockets (and even those can be further
reduced with e.g. Linux capabilities, but it gets OS-specific here).

Also, I never proposed to enable it by default. The patch simply adds a
non-default configure option, nothing more.

Thanks,

Martin

-- 
Martin Pitt              http://www.piware.de
Ubuntu Developer   http://www.ubuntulinux.org
Debian Developer        http://www.debian.org
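
Added example, not part of the original message or of the CUPS patch: the "start as root, then drop permanently" pattern that applies when a daemon needs root only at startup (for instance to bind a privileged socket once). It assumes Linux with glibc; the function name drop_privileges and the account id 65534 are placeholders chosen for illustration.

```c
#define _GNU_SOURCE            /* setgroups() declaration on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently switch the process to uid/gid; returns 0 on success, -1 on
 * failure. Order matters: supplementary groups and the gid must change
 * while the process still has the privilege to change them, so the uid
 * goes last. Called as root, setgid()/setuid() set the real, effective
 * and saved ids together. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Only root can (and needs to) clear root's supplementary groups. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;

    /* Verify the result instead of trusting the return codes alone. */
    if (getuid() != uid || geteuid() != uid)
        return -1;
    if (getgid() != gid || getegid() != gid)
        return -1;
    /* For a non-root target, regaining root must now fail. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return 0;
}

int main(void)
{
    /* Assumed flow for a daemon started as root: bind the privileged
     * socket first, then drop before touching any client input.
     * 65534 is a placeholder for a dedicated service account. */
    uid_t uid = geteuid() == 0 ? 65534 : getuid();
    gid_t gid = geteuid() == 0 ? 65534 : getgid();

    if (drop_privileges(uid, gid) != 0) {
        perror("drop_privileges");
        return 1;
    }
    printf("running as uid=%ld gid=%ld\n", (long)getuid(), (long)getgid());
    return 0;
}
```

Dropping the uid before the groups is the usual mistake: once the uid is unprivileged, setgroups() and setgid() fail and the process keeps root's group memberships.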
