[cups.general] postscript exploits possible?
Jerome Alet
alet at librelogiciel.com
Thu May 10 12:00:38 PDT 2007
On Thu, May 10, 2007 at 11:53:35AM -0700, Adam Monsen wrote:
> (silly?) Quick question on using printer drivers with CUPS. Is it
> possible that a .PPD file could contain malicious code, and that CUPS
> could/would execute that to do something bad to the printer and/or the
> operating system?
>
> For instance, if cupsd was running as root, could there be an "rm -rf
> /" or something in the .PPD, and if so would CUPS just execute that
> and trash the hard drive?
>
> Please forgive my ignorance of CUPS and PostScript.
Not sure about the way the PostScript code is interpreted,
but CUPS PPD files can contain calls to external filter commands
through the *cupsFilter lines. Usually the permissions on
/etc/cups/ppd should prevent anyone from modifying these files
however, and if someone can modify these files your server
probably has already been compromised anyway.
bye
Jerome Alet
More information about the cups
mailing list