[cups.general] privilege separation, what is it,and does cupsd use it?
Michael Sweet
mike at easysw.com
Thu Jul 27 08:40:36 PDT 2006
wtautz wrote:
> ...
> I notice that sshd is running as root . Does debian make it run as
> non-root? No, it runs as root. And yet we see cupsd running as cupsys
> user? Seems contradictory to the claim that all daemons should run as
> non root user in order to be secure. It seems rather presumptuous for
> outside distributions to hack upstream sources in a not so thought
> out manner, or perhaps I'm just misguided? I've heard that
> Debian/Etch runs cupsd as root? Can anyone confirm?
There is a bit of a double-standard. In the case of sshd, it *must*
run as root in order to do its job. CUPS, on the other hand, can run
as an ordinary user (I do it all the time for testing purposes), but
you lose a lot of functionality by doing so.
The best thing you can do is complain to your Linux distribution of
choice. Be polite and explain why the changes they've made are
causing problems for you. Escalate your complaints to the top (CEO,
president, whatever) if you have to.
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw dot com
Internet Printing and Document Software http://www.easysw.com
More information about the cups
mailing list