[cups.development] [RFE] STR #3481: CUPS should use Trusted Extensions on Solaris
Norm Jacobs
naj at snapcon.com
Fri Jan 22 10:24:43 PST 2010
DO NOT REPLY TO THIS MESSAGE. INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.
[STR New]
The short version is that when running CUPS in a security labeled
environment on Solaris, the print jobs should be labeled according to the
security label of their submitter and requestors should not see jobs
outside of their label. This is similar to STR #2474: Support for SELinux
I am attaching a patch to cupsd that retrieves the security label from the
peer connection of each requester and uses that label to tag print jobs
with a security label and/or validate access to a print queue or job data.
This patch really only includes changes to label jobs in a Solaris Trusted
Extensions environment, but it identifies the locations where labeling
should be applied and abstracts the label retrieval and validation, so
changes for other operating systems should be fairly localized.
Link: http://www.cups.org/str.php?L3481
Version: -feature
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cups-tx.patch
URL: <http://lists.cups.org/pipermail/cups-devel/attachments/20100122/dc983e8e/attachment.ksh>
More information about the cups-devel
mailing list