Re: [patch] CUPS 1.2 SELinux policy changes...: msg#00084

Subject: Re: [patch] CUPS 1.2 SELinux policy changes...
Russell Coker wrote:
> On Sunday 13 November 2005 00:18, Michael Sweet <mike@xxxxxxxxxx> wrote:
> > > Please don't remove comments such as "this is not ideal, and allowing
> > > setattr access to cupsd_etc_t is wrong".  That's a design flaw in cupsd,
> > > eventually we want to fix it.  Removing the comment decreases the chance
> > > of such a design flaw ever being corrected.
> >
> > Well, given that the comment does not describe the "design flaw" in
> > enough detail to be useful, and that no one has posted this "design
> > flaw" to any of the CUPS forums or the STR page on the CUPS site, it
> > seemed like I was removing a comment that was confusing and
> > uninformative.
> >
> > What is the design flaw?
>
> The fact that cups requires write access to its config directory and all
> config files.

I know some people would prefer to hand-edit all files and place printer
state data in 5 different places, however no one has proposed an
alternate location for these files that makes sense WRT the FHS.

We are absolutely committed to making CUPS easy-to-use, which means
allowing programs (in particular cupsd, which can provide finer-grained
authorization/access control to the configuration data than selinux) to
edit those files.  CUPS also updates the printers.conf, classes.conf,
and subscriptions.conf files based on (persistent) state changes.

Anyways, I will update the comment to reflect this discussion.

........

On a related note, you have comments on a few other rules I'm not
clear on:

    # temporary solution, we need something better
    allow cupsd_t serial_device:chr_file rw_file_perms;

I'm guessing this refers to allowing write access to all serial ports?
Any thoughts/wishes on this end?  We've looked at a variety of schemes
for identifying serial printer ports - providing separate device links
would seem to be the simplest solution - but there would need to be
some standardization (i.e. Linux distributors need to use it) for it to
be effective.

    # for /var/lib/defoma
    allow cupsd_t var_lib_t:dir search;
    r_dir_file(cupsd_t, readable_t)

This appears to provide read/search access to files in /var/lib, but
I'm confused by the "defoma" bit?

    # lots of errors generated requiring the following
    allow cupsd_t self:netlink_audit_socket { create_netlink_socket_perms nlmsg_relay };
    allow cupsd_t self:netlink_route_socket { r_netlink_socket_perms };

What errors are generated?  What programs are involved?  Why are we
allowing rather than fixing?

Thanks again for your feedback - I hope my next patch will be both
less invasive and more accurate... :)

--
______________________________________________________________________
Michael Sweet, Easy Software Products           mike at easysw dot com
Internet Printing and Publishing Software        http://www.easysw.com
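The questions raised above about the serial_device, var_lib_t and netlink rules ("What errors are generated? What programs are involved? Why are we allowing rather than fixing?") are the ones a policy writer answers from the AVC denial records in the audit log before adding an allow rule. The following is an added example, not code from the thread or from the CUPS or SELinux reference policy: it parses kernel AVC denial lines, groups them by source type, target type and object class, emits the minimal allow rule per group (the same shape audit2allow would produce), and separately flags any program other than the daemon itself that was denied while running in the daemon's domain. The audit lines are constructed for this example; the scenario of a "defoma" helper running in cupsd_t is an assumption made to illustrate the "fix rather than allow" case, not a claim about the real Debian packaging.

```python
import re
from collections import defaultdict

# Constructed sample audit records in the kernel AVC format (written for this
# example, not taken from the original thread). The defoma record is an assumed
# scenario: a helper inheriting cupsd_t instead of running in its own domain.
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1131840000.101:201): avc:  denied  { create } for  pid=2201 comm="cupsd" scontext=system_u:system_r:cupsd_t:s0 tcontext=system_u:system_r:cupsd_t:s0 tclass=netlink_audit_socket
type=AVC msg=audit(1131840000.102:202): avc:  denied  { nlmsg_relay } for  pid=2201 comm="cupsd" scontext=system_u:system_r:cupsd_t:s0 tcontext=system_u:system_r:cupsd_t:s0 tclass=netlink_audit_socket
type=AVC msg=audit(1131840000.103:203): avc:  denied  { read } for  pid=2201 comm="cupsd" scontext=system_u:system_r:cupsd_t:s0 tcontext=system_u:system_r:cupsd_t:s0 tclass=netlink_route_socket
type=AVC msg=audit(1131840000.104:204): avc:  denied  { write } for  pid=2202 comm="cupsd" path="/dev/ttyS0" dev=tmpfs ino=1234 scontext=system_u:system_r:cupsd_t:s0 tcontext=system_u:object_r:serial_device_t:s0 tclass=chr_file
type=AVC msg=audit(1131840000.105:205): avc:  denied  { search } for  pid=2203 comm="defoma" name="defoma" dev=sda1 ino=5678 scontext=system_u:system_r:cupsd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1131840000.105:205): arch=40000003 syscall=5 success=no exit=-13
"""

# One AVC denial: permissions in braces, then pid/comm, optional object fields
# (path=, name=, dev=, ino=), then the source/target contexts and object class.
AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+'
    r'pid=(?P<pid>\d+)\s+comm="(?P<comm>[^"]*)"(?P<extra>.*?)\s*'
    r'scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)'
)
OBJECT_RE = re.compile(r'(?:path|name)="([^"]*)"')


def context_type(ctx):
    """Return the type field of a user:role:type[:range] security context."""
    parts = ctx.split(":")
    if len(parts) < 3:
        raise ValueError("malformed security context: %r" % ctx)
    return parts[2]


def parse_avc(line):
    """Parse one audit record; return a dict for AVC denials, None for anything else."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    obj = OBJECT_RE.search(m.group("extra"))
    return {
        "perms": frozenset(m.group("perms").split()),
        "pid": int(m.group("pid")),
        "comm": m.group("comm"),
        "object": obj.group(1) if obj else None,
        "stype": context_type(m.group("scontext")),
        "ttype": context_type(m.group("tcontext")),
        "tclass": m.group("tclass"),
    }


def summarize(log_text):
    """Group denials by (source type, target type, object class)."""
    groups = defaultdict(lambda: {"perms": set(), "comms": set(), "objects": set()})
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None:
            continue
        g = groups[(rec["stype"], rec["ttype"], rec["tclass"])]
        g["perms"] |= rec["perms"]
        g["comms"].add(rec["comm"])
        if rec["object"]:
            g["objects"].add(rec["object"])
    return dict(groups)


def allow_rules(groups):
    """Minimal allow rule per group, using 'self' when source and target types match."""
    rules = []
    for (stype, ttype, tclass), g in sorted(groups.items()):
        target = "self" if stype == ttype else ttype
        rules.append("allow %s %s:%s { %s };"
                     % (stype, target, tclass, " ".join(sorted(g["perms"]))))
    return rules


def foreign_programs(groups, domain, expected_comm):
    """Programs other than expected_comm denied while running in `domain`.

    A hit means a helper inherited the daemon's domain, so the right fix is a
    domain transition for that helper rather than a wider rule on the daemon.
    """
    found = set()
    for (stype, _, _), g in groups.items():
        if stype == domain:
            found |= g["comms"] - {expected_comm}
    return sorted(found)


if __name__ == "__main__":
    groups = summarize(SAMPLE_AUDIT_LOG)
    for (stype, ttype, tclass), g in sorted(groups.items()):
        print("%s -> %s:%s perms=%s comm=%s objects=%s" % (
            stype, ttype, tclass, sorted(g["perms"]), sorted(g["comms"]), sorted(g["objects"])))
    for rule in allow_rules(groups):
        print(rule)
    print("programs in cupsd_t other than cupsd:", foreign_programs(groups, "cupsd_t", "cupsd"))
```

Run against a real log with `ausearch -m avc` piped into `summarize`, the per-group output answers "what errors" and "which objects" (the serial denial names the exact device node, which is the information a narrower device label would key on), and `foreign_programs` answers "what programs": a comm other than the daemon's in the daemon's domain is the case where allowing in cupsd_t is the wrong fix.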


