On Sat, Mar 3, 2012 at 11:10 PM, Chris Murphy <li...@colorremedies.com> wrote:
> On Mar 3, 2012, at 1:00 PM, Neal Becker wrote:
>> -> Don't ask for re-auth for an action that isn't really potentially harmful
>> (e.g., adding a printer)
>
> Depends. What if what's being added is a remote printer, that's merely a way 
> to smuggle documents out of a company? So direct attach printers are probably 
> fair game for adding without authentication. The user clearly has physical 
> access to both computer and printer, the most applicable security control in 
> this context is physical. But to add a non-local IPP printer is possibly a 
> red flag.

Curiously enough, I was thinking exactly the opposite - anyone able to
open a TCP/IP socket is able to print on a remote printer, so this
does not need to be restricted; but accessing local hardware may be
something a system administrator of a multi-user system may want to
restrict.  (You may have noticed that at least in some Windows
versions, network printers can be configured per-user, but
hardware-attached printers are always system-wide.)

A complete lockdown to prevent transferring data out of the system is
a much harder problem (even if you only allow users to run a web
browser, they may use it to send data to a server).
   Mirek
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
