[X2go-User] Printing Security
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Wed Jan 25 08:45:48 CET 2012
Hi,
On Di 24 Jan 2012 21:26:54 CET wrote:
> Hi All -
>
>
> There is a post on the new site re printing security (see below).
> Does anyone have experience with Possible Solution 1? We're hoping
> to get a few more pointers, maybe some extra documentation, some
> "here's how you avoid these pitfalls". Thanks!
nothing of the below has been implemented yet. I will comment on some
of the ideas.
> X2goServer == CUPS Server, latest implementation (as of 20110909):
>
> [...]
>
> using X2go printing locally (X2go server == CUPS server) then
> security (sudo) is not an issue any more(?)
>
> Nope still is (not a big one, though): Using CUPS the user can
> easily be faked, allowing to fill someone else's quota or print at
> their home printer.
Ok, good point.
> Possible solution 1
>
>
> Start a local cups-server for every user
>
> Server listens on a File-socket owned by the user
>
> Add a PDF-Printer to that server (as the cups-user runs as that
> user, there should be no issues with file permissions)
>
> Import printers from global server
>
> + Secure solution, as no other user is involved
>
> - Every user needs an extra instance (The extra memory usage should
> not be too much)
This has been discussed on the mailing list and the consensus was to
stay away from CUPS instances on a user basis. However, if someone
starts on implementing I will be happy to review and support coding.
> Possible solution 2
>
>
> Write a simple C-Program 'x2goprinter' that is run as the user who
> wants to print unsing the s-Bit
>
> The Program writes stdin to argv[1] in the printing-directory
>
> It also checks whether the user is x2goprint or root
>
> + Can be easily adopted
>
> - x2goprint must be installed by the client
>
> - s-bit → Needs security checks
I have already spent a couple of hours on a possible setuid/setgid-bit
solution. At the end I came to the conclusion that s-bit approaches do
not work with the current print file transfer workflow. Maybe I was
brain-blocked here, so if someone comes up with a proof of concept I
would love to support a moval away from sudo here.
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20120125/222c9f7a/attachment.pgp>
More information about the x2go-user
mailing list