[cups.bugs] [MOD] STR #2668: Cups backend permissions (700 not 755) break diskless clients

Richard Neill rn214 at hermes.cam.ac.uk
Tue Jan 15 13:59:43 PST 2008


Dear Michael,

Thanks for your message. Sorry if I seem a little baffled, but that 
does not make sense to me.

  - Why should proxy authentication and LPD support require an *absence* 
of permissions to work?

  - How is it harmful for an unprivileged user to be able to read the 
contents of the binaries? It's open-source - a potential attacker could 
compile them himself!

  - What happens if an unprivileged use user just copies the binary file 
/usr/lib/cups/backend/ipp from somewhere else, and then executes it, 
while still remaining the "nobody" user ? Surely that can't be a 
security hole either?

I'd agree that it's dangerous to make the backends setuid root, and then 
755, but they aren't setuid.

Also, I just took a quick look in /sbin and /usr/sbin.  Virtually every 
executable has permissions 755, including apache2 and sshd. So I don't 
think your argument is correct.

Regards,

Richard

P.S. I tried to add the above to your bugzilla, but it seems to be 
missing the a link for comments on re-opening bugs.


Michael Sweet wrote:
> [STR Closed w/o Resolution]
> 
> We cannot make the defaults 0755, as that disables all of the security
> features added in CUPS 1.2.x.
> 
> You are free to make the change locally, however keep in mind that all
> proxy authentication and proper LPD support (privileged source port) will
> be disabled by the changed permissions.
> 
> Link: http://www.cups.org/str.php?L2668
> Version: 1.3.2
> Fix Version: Will Not Fix
> 
> 





More information about the cups-devel mailing list