Version: kprinter: 0.0.1 (using KDE KDE 3.1.1)
Installed from: Mandrake RPMs
Compiler: gcc version 3.2.2 (Mandrake Linux 9.1 3.2.2-3mdk)
OS: Linux

When logged in as user "X" and trying to print as user "Y" with Kprinter, if the right username and password are sent, kprinter floods the cups server. The server can be overloaded by multiple connections, and therefore unavailable. When cupsdoprint is killed, the kprinter application displays a message that shows the user id and password it was trying to use. It seems that it was using the given password but trying to print as user "X" instead of "Y".

(cupsdoprint -P 'myprinter' -J 'Xserver.ps' -H '192.168.19.10:631' -U 'X:Ypassword' -o 'copies=1' blablabla....)
Subject: Re: New: kprinter floods cups server when printing as another user

> When logged in as user "X" and trying to print as user "Y" with Kprinter,
> if the right username and password are sent, kprinter floods the cups server.
> The server can be overloaded by multiple connections, and therefore
> unavailable. When cupsdoprint is killed, the kprinter application
> displays a message that shows the user id and password it was trying to use.
> It seems that it was using the given password but trying to print as
> user "X" instead of "Y".
> (cupsdoprint -P 'myprinter' -J 'Xserver.ps' -H '192.168.19.10:631' -U 'X:Ypassword' -o 'copies=1' blablabla....)

How did you try to make kprinter print as another user? Basically, changing user is blocked when sending a file for printing because it can be seen as a security hole on systems that use print quotas.
Subject: Re: kprinter floods cups server when printing as another user

Hi,

some background:

I print on the server specified in the /etc/cups/client.conf file. This server is a remote cups one (cupsys 1.1.14). From the command line I launch:

[X@idos00 ~]# kprinter myfile.ps

In kprinter I choose CUPS as my printing system. The application opens a popup window prompting for my username and password. At this point I put the username "Y" and password "Ypassword". If I do it wrong I am rejected (no problem with that). But if I type it right, everything seems ok and it seems that I can print. Anyhow, when I press the print button, nothing happens on the client and the server is flooded until the connections are timed out and then reflooded continuously.

Regards,
Jul.

--- Michael Goffioul <goffioul@imec.be> a
Subject: Re: kprinter floods cups server when printing as another user

> Hi,
> some background:
>
> I print on the server specified in the
> /etc/cups/client.conf file. This server is a
> remote cups one (cupsys 1.1.14).
> From the command line I launch:
> [X@idos00 ~]# kprinter myfile.ps
>
> In kprinter I choose CUPS as my printing system.
> The application opens a popup window prompting
> for my username and password. At this point I put
> the username "Y" and password "Ypassword". If I
> do it wrong I am rejected (no problem with that).
> But if I type it right, everything seems ok
> and it seems that I can print. Anyhow, when I
> press the print button, nothing happens on the client
> and the server is flooded until the connections
> are timed out and then reflooded continuously.
> Regards,

About using another username, I should actually remove the possibility to change the user name while printing, that means disabling the "user" entry field in the password dialog, and add some warnings when necessary to tell the user he cannot "cheat" the CUPS server and that the real username will be used instead.

However, I don't think that the flooding problem is KDEPrint's fault. Indeed, if internally the cupsdoprint utility uses the 'X' username and 'Y' password, the only thing that should happen is being rejected by the server. I remember that CUPS once had a potential endless loop bug in its code, so if possible, I would suggest that you try to upgrade to a recent CUPS version and check if the problem still exists.

I'll take care of locking the username when printing. As I said, the user should not be allowed to change the username, otherwise, he can cheat the CUPS server about print quotas or access restriction (ACL).

Michael.
Subject: Re: kprinter floods cups server when printing as another user

> I'll take care of locking the username when
> printing. As I
> said, the user should not be allowed to change the
> username,
> otherwise, he can cheat the CUPS server about print
> quotas
> or access restriction (ACL).

But can this be considered as cheating the CUPS server? To use another identity the user shall give the corresponding username and password. Which means he could anyway do a su or something similar. Viewing it this way, changing one's identity is more a feature than a security hole.

For example, a system admin could be helping a user who is working on a workstation. The sysadmin may want to print some screenshots on his printer located at his office where the user has no right to print. Even if he had the right, why should he spend his quota for the sysadmin's print? The security of the system is granted by the fact that the password is required; the security hole is more the method used to transport the password through the TCP connection with cups.

Another example would be a client and a server with different sysadmins: the client's root account wouldn't be able to print at all.

Anyway, thanks for the advice and I will try another cups version and the MaxClientPerHost directive, which may limit the effects of the flood if not prevent it.

Regards,
Jul

--- Michael Goffioul <goffioul@imec.be> a
Created attachment 1572
Flooding problem fix (try)

Could you try this fix:

1) compile the file using the command line:
   gcc -o cupsdoprint cupsdoprint.c -lcups -lkdefakes
   (you need CUPS and KDE development packages installed)
2) make a backup of the original executable in $KDEDIR/bin
3) copy the newly compiled executable cupsdoprint in $KDEDIR/bin
4) try again to print (do the required steps to flood the CUPS server)

Does this solve the flooding problem?

Michael.
Forget about the fix try-out. This generated the problem instead of solving it. Sorry. Try first to upgrade your CUPS installation and check if the flooding problem still exists. Michael.
Fixed both the user name problem, and the security issue due to password being passed on command lines.
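The command line quoted in the report carries the password in the `-U 'X:Ypassword'` argument, and process arguments are readable by other local users through `/proc/<pid>/cmdline`. As an added example (not code from KDEPrint or CUPS), this audit script flags such arguments and reports only the username and secret length; the sample process list is constructed, and handling of the joined `-Uvalue` form is an assumption.

```python
import os
import re

# "user:password" value, as shown after cupsdoprint's -U option in the report.
CRED = re.compile(r"^(?P<user>[^:\s]+):(?P<secret>.+)$")

def parse_cmdline(raw):
    """Split a /proc/<pid>/cmdline buffer (NUL-separated argv) into strings."""
    return [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]

def find_exposed_credentials(procs):
    """procs: iterable of (pid, argv). Returns findings with the secret redacted."""
    findings = []
    for pid, argv in procs:
        for i, arg in enumerate(argv):
            if arg == "-U" and i + 1 < len(argv):
                value = argv[i + 1]
            elif arg.startswith("-U") and len(arg) > 2:
                value = arg[2:]  # joined "-Uvalue" form (assumed, getopt style)
            else:
                continue
            m = CRED.match(value)
            if m:  # a bare "-U user" carries no secret and is not reported
                findings.append({"pid": pid,
                                 "program": os.path.basename(argv[0]),
                                 "user": m.group("user"),
                                 "secret_len": len(m.group("secret"))})
    return findings

def scan_proc(root="/proc"):
    """Yield (pid, argv) for every process whose cmdline is readable (Linux)."""
    for name in os.listdir(root):
        if not name.isdigit():
            continue
        try:
            with open(os.path.join(root, name, "cmdline"), "rb") as f:
                argv = parse_cmdline(f.read())
        except OSError:
            continue  # process exited or access denied
        if argv:
            yield int(name), argv

# Constructed sample, modelled on the command line quoted in the report.
SAMPLE = [
    (4211, parse_cmdline(b"cupsdoprint\0-P\0myprinter\0-J\0Xserver.ps\0-H\0"
                         b"192.168.19.10:631\0-U\0X:Ypassword\0-o\0copies=1\0")),
    (4212, parse_cmdline(b"cupsdoprint\0-P\0myprinter\0-U\0X\0")),  # user only
]

if __name__ == "__main__":
    for hit in find_exposed_credentials(SAMPLE):
        print(hit)
```

On a live Linux host, `find_exposed_credentials(scan_proc())` applies the same check to running processes.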
Closing old Resolved status bug.