I have a fix I am testing that is going through internal review. However, since Apple software engineering is off this week (extension of the Thanksgiving holiday) I don't know if I'll have sign-off until next Monday. Will post something as soon as it is available.
Sent from my iPad

On 2012-11-19, at 1:59 AM, Yves-Alexis Perez <cor...@debian.org> wrote:

> On Sun., 2012-11-11 at 17:53 +0100, Didier 'OdyX' Raboud wrote:
>> Hi Michael,
>>
>> On Sunday, 11 November 2012 14.57:05, Michael Sweet wrote:
>>> Lest we forget why we run cupsd as root, here are a few reasons:
>>> (…)
>>
>> Thanks for the explanation.
>>
>>> As for a proposed fix, I'm thinking we will disable the log file,
>>> RequestRoot, ServerRoot, and DocumentRoot directives in cupsd.conf, and
>>> add command line arguments in their place. That will retain
>>> configurability while eliminating this particular attack vector.
>>>
>>> Thoughts?
>>
>> I don't quite like the "command-line arguments" solution, as it will
>> probably lead to more machinery on our side (variable setting in
>> /etc/default/cups, sourcing it from /etc/init.d/cups, etc).
>>
>> What about separating the configuration settings in two configuration files,
>> one modifiable from the web interface, and one only modifiable by root? The
>> first would contain the non-sensitive configuration settings, the latter
>> would contain the paths, file definitions, etc. I would tend to prefer to
>> keep configuration settings in configuration files. (But of course we'll
>> cope with the upstream choice. :-) )
>
> Any news on this?
>
> --
> Yves-Alexis Perez
> Debian Security
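The "two configuration files" idea discussed in the quoted thread, as an added illustration that is not part of this mail exchange and not CUPS code: a small cupsd.conf-style loader that merges a root-only file with a web-editable file and refuses to honour path-bearing directives (the log file, RequestRoot, ServerRoot and DocumentRoot directives named by Michael Sweet) when they come from the web-editable file. The directive set, the file contents and the file names are assumptions for this example; the sample configs below are constructed, not taken from any real system.

```python
"""
Added example (not CUPS's own code): apply the root-only / web-editable
split to cupsd.conf-style directives. A daemon that runs as root must
not let a web-interface user choose where it opens or writes files, so
path-bearing directives are accepted only from the root-owned file.
"""
import re

# Directives the thread names as dangerous when a non-root user can set
# them: the log files plus RequestRoot/ServerRoot/DocumentRoot. The log
# directive names follow cupsd.conf naming (AccessLog/ErrorLog/PageLog).
# This set is an assumption for the example, not CUPS's actual list.
PRIVILEGED_DIRECTIVES = frozenset({
    "AccessLog", "ErrorLog", "PageLog",
    "RequestRoot", "ServerRoot", "DocumentRoot",
})

# "Name value" on one line; cupsd.conf directive names are alphanumeric.
_DIRECTIVE_RE = re.compile(r"^\s*([A-Za-z][A-Za-z0-9]*)\s+(.*?)\s*$")


def parse_directives(text):
    """Yield (lineno, name, value) for each directive line.

    Comments (from '#' to end of line), blank lines and <Location>-style
    section markers are skipped; section handling is out of scope here.
    """
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("<"):
            continue
        match = _DIRECTIVE_RE.match(line)
        if match:
            yield lineno, match.group(1), match.group(2)


def load_split_config(root_only_text, web_editable_text):
    """Merge the two files into one settings dict.

    Returns (settings, rejected). Privileged directives found in the
    web-editable file are appended to `rejected` as (lineno, name, value)
    and ignored, so the value from the root-only file always wins.
    """
    settings = {}
    rejected = []
    for _, name, value in parse_directives(root_only_text):
        settings[name] = value
    for lineno, name, value in parse_directives(web_editable_text):
        if name in PRIVILEGED_DIRECTIVES:
            rejected.append((lineno, name, value))
            continue
        settings[name] = value
    return settings, rejected


# Constructed sample: the file only root can edit (paths live here).
ROOT_ONLY_CONF = """\
# root-only file (constructed sample)
ServerRoot /etc/cups
DocumentRoot /usr/share/cups/doc-root
RequestRoot /var/spool/cups
ErrorLog /var/log/cups/error_log
"""

# Constructed sample: the file the web interface may rewrite. The ErrorLog
# line is in the wrong file and must be rejected, not applied.
WEB_EDITABLE_CONF = """\
# web-editable file (constructed sample)
LogLevel warn
Listen localhost:631
ErrorLog /var/tmp/not-allowed-here.log   # path directive: rejected
Browsing Off
"""


def demo():
    """Run the merge on the samples and return the outcome for inspection."""
    settings, rejected = load_split_config(ROOT_ONLY_CONF, WEB_EDITABLE_CONF)
    for lineno, name, value in rejected:
        print(f"web-editable file line {lineno}: ignoring privileged "
              f"directive {name} {value!r}")
    return settings, rejected


if __name__ == "__main__":
    demo()
```

In this design the daemon never has to trust the web-editable file for anything it opens as root; a rejected line is logged and the root-set value stays in force, which is the property the thread is after. Later CUPS releases adopted a split of this general shape (cupsd.conf alongside a separate root-only files configuration), though the parser above is not theirs.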