[cups.general] Possibly insecure default LogFilePerm value 0644
Helge Blischke
h.blischke at acm.org
Tue Jul 12 05:48:41 PDT 2011
Johannes Meixner wrote:
>
> Hello,
>
> On Jul 12 03:42 Helge Blischke wrote:
>> Making the error_log at least world readable makes sense in cases where
>> utilities outside of CUPS are used to schow diagnostic or status
>> information for aborted jobs to the user. For instance I myself often use
>> WARNING and NOTICE messages in my filters to log the occurance of
>> arguable conditions to the error_log.
>
> Could you provide more details because I do not understand why you need
> a world readable error_log file for this because tools like "lpstat"
> are run by normal users and can display queue state information
> (in particular the printer-state-message attribute in CUPS)
> via appropriate CUPS library calls (e.g. via a cupsDoRequest call)
> without the need to read the /var/log/cups/error_log file directly
> and e.g. WARNING/NOTICE messages in filters set the printer-state-message
> attribute according to "man 7 filter" (at least in CUPS 1.4.6 which I
> run).
>
>
> Kind Regards
> Johannes Meixner
Well, instead of compiling a full blown c program using the CUPS API and
implementing a lot of IPP stuff to get the needed information our of CUPS, I
just write a little Perl script which uses Perl's grep function to extract
the "[Job xxxx]" messages from the error_log file. It's just a matter of
economy.
Helge
More information about the cups
mailing list