[Openicc] Introduction / Gutenprint]

Craig Bradney cbradney at zip.com.au
Wed Apr 13 06:00:40 EST 2005


On Tuesday 12 April 2005 21:49, Michael Sweet wrote:
> Craig Bradney wrote:
> > ...
> > And the case where there's only one user on a computer using ICC and
> > the others not, and that person doesn't have rights to put files in a
> > system dir? Surely a profile can be loaded from anywhere. Are there
> > passwords in profiles in any case?
>
> No, but it is far easier to force files to be relative to a
> controlled directory than to filter out the paths and permissions
> allowed for a specific, possibly non-local user.  Both the System V
> lp and Berkeley lpr print spoolers have a long history of security
> problems caused by direct access/references to files.
>
> The issue isn't "are there passwords in profiles", it is "can I
> provide a filename to CUPS which will cause it to emit an error
> message that discloses some information that is in the file", or
> "can I provide a filename that will cause a buffer overflow in
> the ICC parser and execute arbitrary code"....
>
> In short, if you want to share your personal profiles, you need
> to run a command to do it (or have some nice GUI do it for you) -
> we won't configure CUPS to be insecure by default.

Ok.. continuing playing devil's advocate here..

and in the case where the printer isn't run via CUPS? Shouldn't we be moving 
towards a general system (and user) location (/etc/icc and ~/.icc perhaps) 
rather than locating in a particular application's or server's install dirs?

Craig
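The "relative to a controlled directory" policy argued for in the quoted reply, as an added illustration that is not code from CUPS, Gutenprint or anyone in this thread: the naive join that turns a client-supplied profile name into an arbitrary file reference, beside a lookup that confines the name to the profile directory before any file is opened. The directory path and function names are assumptions made for the example.

```python
import posixpath

# Assumption: an illustrative controlled profile directory, not CUPS's real layout.
PROFILE_DIR = "/usr/share/color/icc"


class UnsafeProfilePath(ValueError):
    """Raised when a client-supplied profile name would leave PROFILE_DIR."""


def unconfined_profile_path(name):
    # The pattern the thread warns against: the client string is used as a
    # file reference directly. An absolute name replaces the base entirely,
    # and "../" components walk out of it, so any readable file on the host
    # becomes a candidate for the ICC parser (and for its error messages).
    return posixpath.join(PROFILE_DIR, name)


def confined_profile_path(name, base=PROFILE_DIR):
    # The "relative to a controlled directory" policy: the client string is
    # only ever a name inside base, and anything else is rejected before
    # the file is touched. The check is lexical; a spooler that must also
    # defend against symlinks inside base would re-check the opened file
    # with os.path.realpath or open it with O_NOFOLLOW.
    if not name or "\0" in name:
        raise UnsafeProfilePath("empty or NUL-containing profile name")
    if posixpath.isabs(name):
        raise UnsafeProfilePath("absolute profile paths are not accepted")
    base = posixpath.normpath(base)
    candidate = posixpath.normpath(posixpath.join(base, name))
    if not candidate.startswith(base + "/"):
        # Covers ".", ".." and "../../etc/passwd" style names, all of which
        # normalise to base itself or to something outside it.
        raise UnsafeProfilePath("profile name resolves outside %s" % base)
    return candidate


def is_confined(name, base=PROFILE_DIR):
    # Yes/no wrapper for callers that must not echo the offending name or
    # any file contents back to an unauthenticated client in an error.
    try:
        confined_profile_path(name, base)
        return True
    except UnsafeProfilePath:
        return False
```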


