[cups.general] Using smb backend without clear text passwords

[Johannes Meixner]

Hello,

On Feb 21 11:55 Luís Lobo wrote (shortened):
> Problem is, users can get the password from the
> "smb://username:password@windows/printerName" URL in the printer server.
...
> I noticed that cups 'hides' the password if the URL is in the format ...

We got some complaints about visible credentials in the URI too.

I think that CUPS 'hides' the password if a special URL has a
particular format is not a real solution but only a gracious
workaround for a bug in the backend.

I think if a backend must do authentication (or needs any other kind
of secret information) then it is up to the backend to provide a
method how to supply the secrets without clear text in the URI.

For example the backend could allow placeholders in the URIs like
smb://${USER1}:${PASSWORD1}@workgroup/smb_server/printer_share1
smb://${USER2}:${PASSWORD2}@workgroup/smb_server/printer_share2
and have a private file where the actual values for ${USER1},
${USER2}, ${PASSWORD1}, ${PASSWORD2} are stored.

As far as I see this should not cause any problems for Browsing:

Reason:

A CUPS network server would not broadcast the above URIs
but something like
ipp://cups_server.domain:631/printers/cups_queue1
ipp://cups_server.domain:631/printers/cups_queue2

As far as I see the replacement 'placeholders -> actual values'
happens only on the machine where the backend is actually executed
and only on this machine the backend's private file must exist.

For queries of the queue status of cups_queue1 and cups_queue2
the cupsd doesn't need the secrets of the backend.


Kind Regards,
Johannes Meixner
-- 
SUSE LINUX Products GmbH, Maxfeldstrasse 5      Mail: jsmeix at suse.de
90409 Nuernberg, Germany                    WWW: http://www.suse.de/