Secure print?
Helge Blischke
h.blischke at acm.org
Tue Jun 12 14:03:36 PDT 2012
franz. pfoertsch. brose wrote:
>> At the CUPS site, look into the documentation regarding ppdc and
>> ppdcfiles. And, in most cases, you'll need to make a filter specific to
>> make and model to deal with the PPD extensions for "secure printing".
>> But be qware that querying for username and password or the like will be
>> a challenge with respect to security considerations on the job
>> originating host. Especially on systems where CUPS runs in a sandbox (as
>> in Mac OS X 10.6 and higher) you probably need a helper application to do
>> that.
>>
>> Helge
>>
>>
> I know the ppdc compiler, but the compiler does not suppor JCL-code, so I
> open http://www.cups.org/str.php?L4115 to support the missing. But all of
> this code is depricated. Support should be done by openprinting.org.
>
> You are right with the security considerations!
>
> But nobody is able to expand the gui with the missing extensions.
> PPD's only supports 'Pickone' and 'Boolean', we need the 'Password' and so
> on.
>
> regards
> Franz
One more issue to consider:
The (usual) username / password combo is often converted to an encrypted
credential based on proprietary algorithms, and the proprietary software to
do that is often only available on Windows.
What I have done (for some KonikaMinolta Bizhub printers) was:
- set up a fake printer on Linux which "prints" to a file but with the
original printer's PPD.
- set up this printer on a Windows box using the original installer but set
up a connection to the Linux fake printer using Samba
- did a secure test print for every username / password combo I needed
- copied the encrypted strings together with an identification into a
filter specific to this printer make and model.
I must admit that this approach is only feasible if the number of
credentials to be handled is fairly small.
Helge
More information about the cups
mailing list