[X2go-dev] pending x2goprint patch / Possible security issues

Moritz Struebe Moritz.Struebe at informatik.uni-erlangen.de
Mon Apr 18 09:13:47 CEST 2011


On 2011-04-13 17:43, Mike Gabriel wrote:
> Hi Morty,
>
> On Mi 13 Apr 2011 16:46:00 CEST Moritz Struebe wrote:
>
>> I also don't really see why x2goprint needs to be root.
>
> The cups-x2go/x2goprint principle is as follows:
>
>   o cups-x2go can run on x2goserver or on another print server
>   o cups creates a PDF (as root)
>   o cups-x2go scp-copies the file to x2goprint at x2goserver which might
> be local
>   o cups-x2go calls x2goprint on x2goserver
>   o x2goprint (as user x2goprint) will pick up the print job
>   o ... move it to /tmp/...
>   o chown to the x2go session user
>   o ... and move the print job to the x2goclient (sshfs)
>
>   => the chown part needs root privs...
>
> Maybe we should really start thinking about a non-sudo way of getting
> the print job from the cups server to the x2goserver to the client...

I put some basic research into this, and what I have found out so far is:
* Using CUPS there is no way of generating the PDF locally if the server
is remote.
* Therefore I see no way around: x2goserver -> cups-server -> x2goserver
-> client

I don't think we can get around the ugly thing of the cups-server
connecting back to the x2go-server, but I do think we can get around
sudo using the sbit/suidperl once again. If we have a script in the user
home that is executed as the user, we can use that to pipe the PDF to
the appropriate folder. This file can be created by the client or one of
the server-scripts and can even be deleted if the client does not
support printing.
This way there is no need to become root and the worst thing that can
happen is that the quota of the home is exceeded. No root, though.

Any thoughts?

Morty

-- 
Dipl.-Ing. Moritz 'Morty' Struebe (Wissenschaftlicher Mitarbeiter)
Lehrstuhl für Informatik 4 (Verteilte Systeme und Betriebssysteme)
Friedrich-Alexander-Universität Erlangen-Nürnberg
Martensstr. 1
91058 Erlangen

Tel   : +49 9131 85-25419
Fax   : +49 9131 85-28732
eMail : struebe at informatik.uni-erlangen.de
WWW   : http://www4.informatik.uni-erlangen.de/~morty
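
One way to write the user-side receiver proposed in the message above, shown as an added example that is not part of the original e-mail or of X2Go's code. The names `receive_print_job` and `MAX_JOB_BYTES` and the spool directory argument are assumptions; the size cap and PDF header check go beyond the message and address the quota concern it raises.

```shell
#!/bin/sh
# Added example. Runs as the session user; needs no sudo, setuid or chown.
# Hypothetical names: receive_print_job, MAX_JOB_BYTES, the spool directory argument.
# Usage: the PDF arrives on stdin, e.g.  receive_print_job "$HOME/.x2go-spool" < job.pdf

receive_print_job() {
    spool_dir=$1
    max_bytes=${MAX_JOB_BYTES:-52428800}   # assumed default cap: 50 MiB

    # The spool must be a real directory owned by the invoking user, not a symlink.
    if [ -L "$spool_dir" ] || [ ! -d "$spool_dir" ] || [ ! -O "$spool_dir" ]; then
        echo "refusing spool directory: $spool_dir" >&2
        return 2
    fi

    # mktemp creates the file with mode 0600 and a name that did not exist before.
    tmp=$(mktemp "$spool_dir/.job.XXXXXX") || return 2

    # Read at most max_bytes + 1 bytes, so an oversized job is detected
    # without letting the sender fill the home quota.
    head -c "$((max_bytes + 1))" > "$tmp"
    size=$(wc -c < "$tmp")
    if [ "$size" -gt "$max_bytes" ]; then
        rm -f "$tmp"
        echo "job exceeds $max_bytes bytes" >&2
        return 3
    fi

    # Accept only data that starts with the PDF magic bytes.
    if [ "$(head -c 5 "$tmp")" != "%PDF-" ]; then
        rm -f "$tmp"
        echo "job is not a PDF" >&2
        return 4
    fi

    # Rename inside the same directory so the client never sees a partial file.
    final="$spool_dir/$(basename "$tmp" | sed 's/^\.//').pdf"
    mv "$tmp" "$final" && printf '%s\n' "$final"
}
```

Because the file is created by the session user in the first place, the chown step that required root in the quoted workflow has nothing left to do.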
