I realize now that it is possible that the problem is simply that in
the "modify printer" sequence, the user:pass information is not
displayed in the web form as the default value. It is also possible
that in some other circumstances, the result of sanitizing the
DeviceURI is mistakenly written back to printers.conf. I will try to
look into the code further. So far, I see that the function
cupsdSanitizeURI() is used to strip the user:pass information from the
URI for use in logfiles and so on -- this is appropriate. But as you
suggest, the unsanitized URI should be displayed in the "modify
printer" sequence as the default value of the web form, so that by
progressing through the "modify printer" series while accepting the
default each time does not change printers.conf. I believe root
privilege is required to enter "modify printer" so that it should not
be a problem to display the user:pass on the screen during "modify
printer". I think it is worth trying to verify that whenever the
DeviceURI is written to printers.conf, the value used is the
UNsanitized URI, never the sanitized URI. I have not found yet where
in the source code DeviceURI is written to printers.conf. If the
correct value is always written to printers.conf, then (of course) the
problem I experience must be derived from the sanitized default during
the "modify printer" web page sequence.
>> On Fri Feb 4 23:18:25 2005 -0500, Kenshi Muto <[EMAIL PROTECTED]> wrote:
K> As far as my reviewing code, this looks specification. Showing
K> username/password at web interface means all users can see it.
K> It is better to show username/password at modify window, but
K> current code looks haven't such a feature.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
