[cups.general] privilege separation, what is it, and does cupsd use it?

wtautz wtautz at cs.uwaterloo.ca
Thu Jul 27 08:27:49 PDT 2006


Hi, I remember Michael talking about privilege separation in cupsd? Is
that correct?
I know that this phrase was first used in ssh as documented in
http://en.wikipedia.org/wiki/Privilege_separation.

I notice that sshd is running as root . Does debian make  it run as
non-root? No, it runs as root.
And yet we see cupsd running as cupsys user? Seems contradictory to the
claim
that all daemons should run as non root user in order to be secure. It
seems rather
presumptuous for outside distributions to hack upstream sources in a not
so thought
out manner, or perhaps I'm just misguided? I've heard that Debian/Etch
runs cupsd
as root? Can anyone confirm?

walter





More information about the cups mailing list