Update to Mac OS10.3 password problem - Solution

Matt Broughton walterwego at macosx.com.invalid
Mon Jan 17 17:16:19 PST 2005


In article <19807-cups.general at news.easysw.com>,
 Anonymous <anonymous at easysw.com> wrote:

> Matt Broughton wrote:
> > In article <19471-cups.general at news.easysw.com>,
> >  Anonymous <anonymous at easysw.com> wrote:
> >
> > > Anonymous wrote:
> > > > Hi there I upgraded to Mac OSX10.3.5 <snip> a 
> > > > password is required. I never set a password for this "thingy". Even if I log on 
> > > > as admin I cant get into the Printer setup. 

<snip>
> >
> > There is a known problem with authentication in Mac OS X 10.3.x that
> > began with the security update of 2004-04-05.  I have posted a patch to
> > my website that will disable that portion of the security update and
> > allow access to the administrative functions via the web interface
> > without needing a username and password.
> > <http://my.vbe.com/~mbrought/ShadowHash_Patch.html>
> >
> > The cups.org web page <http://www.cups.org/faq.php?16> also discusses
> > this problem.  The patch on my site basically takes the route of
> > removing the troublesome lines in the cupsd.conf file.

> Hello, just one trick, in /etc/cups/cupsd.conf
> at the very end of the filereplace the lines:
> 
> #Encryption Required
> <Limit GET>
> AuthType Basic
> AuthClass System
> </Limit>
> 
> With
> 
> #Encryption Required
> <Limit GET>
> AuthType ShadowHash
> AuthClass System
> </Limit>
> 
> Then authentication via WWW interface seems to work... don't know who secure 
> it is though....

Your last sentence is the key sentence.  It only seems to work.  It is 
not secure at all.  You can enter any username and password in the 
authorization box and you will be "authorized".  You can even enter a 
username that does not exist and you will authenticate.  Try entering a 
username of "x" and a password of "no".  You will still have access to 
the administrative functions.

You have given directions that the CUPS server can't understand.  If you 
check your cups error log, you will see an error message every time the 
CUPS daemon is started.

-- 
Matt Broughton
Only relatives are absolute.




More information about the cups mailing list