https://bugzilla.novell.com/show_bug.cgi?id=685093
https://bugzilla.novell.com/show_bug.cgi?id=685093#c4
Johannes Meixner changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jsmeix@novell.com
--- Comment #4 from Johannes Meixner 2011-04-06 08:22:52 UTC ---
FYI:
In the CUPS 1.4.6 sources there is in scheduler/process.c
-----------------------------------------------------------------------------
cupsdStartProcess(
..
struct stat commandinfo; /* Command file information */
..
if (RunUser)
user = RunUser;
else if (root)
user = 0;
else
user = User;
if (stat(command, &commandinfo))
{
...
}
else if ((commandinfo.st_mode & (S_ISUID | S_IWOTH)) ||
(!RunUser && commandinfo.st_uid))
{
...
cupsdLogMessage(CUPSD_LOG_ERROR,
"Unable to execute %s: insecure file permissions (0%o)",
command, commandinfo.st_mode);
}
-----------------------------------------------------------------------------
Additionally see "man 7 backend":
---------------------------------------------------------------------------
Backends without world execute permissions are run as the root user.
Otherwise, the backend is run using the unprivileged user account,
typically "lp".
---------------------------------------------------------------------------
If I understand this correctly the permissions
-rwsr-x--- 1 root lp ... /usr/bin/get_printing_ticket
let CUPS refuse to execute it.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.