Closed michaelrsweet closed 21 years ago
CUPS.org User: mike
Thanks, applied to CVS for 1.1.20.
"cups-perms.patch":
? cups-perms.patch
RCS file: /home/anoncvs/cups/scheduler/classes.c,v retrieving revision 1.52 diff -u -d -b -w -r1.52 classes.c --- classes.c 26 Apr 2003 17:09:55 -0000 1.52 +++ classes.c 12 Sep 2003 21:32:37 -0000 @@ -610,7 +610,7 @@
fchown(cupsFileNumber(fp), getuid(), Group); fchmod(cupsFileNumber(fp), ConfigFilePerm);
/*
RCS file: /home/anoncvs/cups/scheduler/client.c,v retrieving revision 1.172 diff -u -d -b -w -r1.172 client.c --- client.c 10 Sep 2003 02:49:13 -0000 1.172 +++ client.c 12 Sep 2003 21:32:38 -0000 @@ -1552,7 +1552,7 @@ SetStringf(&con->filename, "%s/%08x", RequestRoot, request_id ++); con->file = open(con->filename, O_WRONLY | O_CREAT | O_TRUNC, 0640); fchmod(con->file, 0640);
fchown(con->file, getuid(), Group);
LogMessage(L_DEBUG2, "ReadClient() %d REQUEST %s=%d", con->http.fd,
con->filename, con->file);
@@ -1844,7 +1844,7 @@ SetStringf(&con->filename, "%s/%08x", RequestRoot, request_id ++); con->file = open(con->filename, O_WRONLY | O_CREAT | O_TRUNC, 0640); fchmod(con->file, 0640);
fchown(con->file, getuid(), Group);
LogMessage(L_DEBUG2, "ReadClient() %d REQUEST %s=%d", con->http.fd,
con->filename, con->file);
RCS file: /home/anoncvs/cups/scheduler/ipp.c,v retrieving revision 1.218 diff -u -d -b -w -r1.218 ipp.c --- ipp.c 20 Jul 2003 12:42:34 -0000 1.218 +++ ipp.c 12 Sep 2003 21:32:40 -0000 @@ -2282,7 +2282,7 @@ }
fchmod(cupsFileNumber(out), 0640);
fchown(cupsFileNumber(out), getuid(), Group);
if (con->language) {
RCS file: /home/anoncvs/cups/scheduler/job.c,v retrieving revision 1.220 diff -u -d -b -w -r1.220 job.c --- job.c 10 Sep 2003 19:29:20 -0000 1.220 +++ job.c 12 Sep 2003 21:32:41 -0000 @@ -940,7 +940,7 @@ }
fchmod(fd, 0600);
fchown(fd, getuid(), Group);
ippWriteFile(fd, job->attrs);
RCS file: /home/anoncvs/cups/scheduler/log.c,v retrieving revision 1.36 diff -u -d -b -w -r1.36 log.c --- log.c 22 Aug 2003 22:01:24 -0000 1.36 +++ log.c 12 Sep 2003 21:32:42 -0000 @@ -525,7 +525,7 @@
if (strncmp(filename, "/dev/", 5))
{
fchown(cupsFileNumber(*log), getuid(), Group);
fchmod(cupsFileNumber(*log), LogFilePerm); } } @@ -553,7 +553,7 @@
if (strncmp(filename, "/dev/", 5)) {
fchown(cupsFileNumber(*log), getuid(), Group);
fchmod(cupsFileNumber(*log), LogFilePerm); } }
RCS file: /home/anoncvs/cups/scheduler/printers.c,v retrieving revision 1.153 diff -u -d -b -w -r1.153 printers.c --- printers.c 6 Aug 2003 18:05:23 -0000 1.153 +++ printers.c 12 Sep 2003 21:32:43 -0000 @@ -843,7 +843,7 @@
fchown(cupsFileNumber(fp), getuid(), Group); fchmod(cupsFileNumber(fp), ConfigFilePerm);
/ @@ -957,27 +957,27 @@ ppd_attr_t ppdattr; / PPD attribute _/ ipp_attribute_t attr; / Attribute data / ipp_valuet *val; / Attribute value */
"none",
@@ -1049,7 +1049,7 @@ }; int num_finishings; ipp_finish_t finishings[5];
Version: 1.1.20rc1 CUPS.org User: jlovell
It seems that too many files end up being owned by the CUPS_USER. There are two classes of these:
*.conf: Although they are initially set up correctly in conf.c as "run_user" they change ownership to "User" when they are rewritten. Having them owned by "User" allows, in theory, any of the filters to change these (i.e. hijack them by changing the device URIs) or to snoop passwords from printers.conf.
spool files: Have these writable by "User" would allow any of the filters to change them. If they are owned by root (run_user) then only cupsd can change them.
The attached patch fixes these (a review of the other chown's may be in order as well). Note that in printers.c I also threw a few sprinklings of "static const".
Comments?
Thanks.