[Pkg-cups-devel] r394 - cupsys/branches/cups-1.2-ubuntu/debian
Kenshi Muto
kmuto at debian.org
Fri Oct 6 00:21:09 UTC 2006
At Thu, 05 Oct 2006 08:29:30 +0000,
Martin Pitt wrote:
> Modified:
> cupsys/branches/cups-1.2-ubuntu/debian/changelog
> cupsys/branches/cups-1.2-ubuntu/debian/rules
>
> Log:
> * debian/rules: Do not install http/ipp backend with 0700 permissions
> (regression from 1.2.4-2). Closes: LP#63707
I describe a supplementary explanation about this for the record
and dear committers.
After reviewing the code, I noticed CUPS scheduler checked a backend
permission to decide a process owner for backend. When it can't
read/exec the backend file by unprivileged user, scheduler calls it
as 'root'.
Although I think it's not so good implementation, upstream uses it
anyway. Since CUPS 1.2.4-1 of Debian, we installed backends as mode
755, everyone can read/exec. So this may cause strange errors around
device or port because it's running with normal user permission.
About Ubuntu, because mpitt has already decided to let CUPS daemon
run as unprivileged user, he can't adopt upstream's method, therefore
he committed like above to his Ubuntu branch.
Debian will follow upstream's way at this time.
Thanks,
--
Kenshi Muto
kmuto at debian.org
More information about the Pkg-cups-devel
mailing list