https://bugzilla.novell.com/show_bug.cgi?id=752454
https://bugzilla.novell.com/show_bug.cgi?id=752454#c22
--- Comment #22 from Sebastian Krahmer 2012-03-28 11:19:33 UTC ---
In theory, it would. In practise, you end up having a lot
of trouble with symlinks, hardlinks, race conditions between
check and use etc. And since you transfer a filename to CUPS
rather than a fd, there will always be a race.
Thats why my proposal was to install a ppd-files.rpm via root
once cups is installed and then only allow users to chose ppd
files from that trusted directory that was created back then.
Not even allow them to install ipp:// socket:// printers; only
real hardware which makes it less easy to grab print jobs.
Do not know whether it is possible to only let root choose
some kind of 'priority', and let user only install
printers with lowest prio, so other users' print jobs cant
be hijacked. User can still use that printer via -P or alike
on his own box or make it default for his own box.
Of course only if the user is on the console.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.