[cups.bugs] [LOW] STR #2274: Misleading comment in default configuration
twaugh.redhat
twaugh at redhat.com
Mon Mar 5 07:21:32 PST 2007
DO NOT REPLY TO THIS MESSAGE. INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.
[STR New]
Continuing on from STR #2272, the following comment:
# Only the owner or an administrator can cancel a job...
<Limit Cancel-Job>
Order deny,allow
Require user @OWNER @SYSTEM
</Limit>
is misleading because there is no authentication performed on the user
name, and 'cancel' has a -U option to supply a different user name than
the current one.
How about adding "Note: this is unauthenticated and may be overridden"?
Link: http://www.cups.org/str.php?L2274
Version: 1.2.8
More information about the cups
mailing list