On 03/02/2021 11.51, Robert Munteanu wrote:
On Wed, 2021-02-03 at 11:25 +0100, Carlos E. R. wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete.
This is a wild guess, but maybe you're accessing CUPS through the browser, using TLS, and the certificate is self-signed. Browsers would show that security dialog, but it does not mean that you've been hacked.
If I try <https://localhost:631/> on my Leap 15.2 (he uses TW), I get an error right at the start: +++···················· Warning: Potential Security Risk Ahead Firefox detected a potential security threat and did not continue to localhost. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details. Learn more... [Go back (reccomended)] [Advanced] ····················++- Of course, Doug: if you are getting that, YOU HAVE *NOT* BEEN HACKED! GOSH :-/ "Learn more" is not illustrative, it leads to a generic external page that doesn't say why I'm getting the error. Advanced says, as expected: +++···················· Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for localhost:631. Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT View certificate [Go back (reccomended)] [Accept the risk and continue] ····················++- And only if I click "accept the risk I get the page. Then I try to change the paper size of a printer; it asks for login and password, I say root, and it works. However, neither ~/.cups/lpoptions or /etc/cups/lpoptions were modified. So no, I could not reproduce his paper size problem. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)