strugee
commented
4 years ago Who knows how well the relevant printer-adding code has been audited.
If you are worried about a malicious printer attacking your host's printer stack, Pop!_OS may not be for you, especially because even if you're not adding the printer automatically, you're still parsing data broadcast by the printer in the background in case the user wants to add it. You might want to consider Qubes OS instead, which can help compartmentalize and limit the damage of lots of problems like this - malicious USB devices attacking the host kernel, a compromised browser, etc.
I like Pop!_OS quite a bit, and whenever I reboot to it to play games I really enjoy using it. Frankly it is more pleasant to use than Qubes. But it is not designed for maximum security. If that's not the absolute top priority for you then Pop!_OS is probably a great fit, but it sounds like for you (and for me, to a certain extent) that isn't the case.
KloudKoder
Distribution (run
cat /etc/os-release):20.04
Related Application and/or Package Version (run
apt policy $PACKAGE NAME):Printers
Issue/Bug Description:
I can literally walk around the building and add a printer just by entering its physical wifi domain. I realize that you want to make it simple to add a printer, which I fully support, but this sort of behavior is pretty scary. Who knows how well the relevant printer-adding code has been audited. And there's no reason to assume that I want to add any printer at all, let alone my neighbor's.
Steps to reproduce (if you know):
Boot up within a few meters of a live printer. Wait for the notification telling you about its presence.
Expected behavior:
Ask the user during setup whether they want to disable the feature, enable it but always ask before adding, or just add every single printer within earshot as they walk down the street.
Other Notes: