On Thu, 09-Dec-1999 at 15:02:41 -0800, Alfred Perlstein wrote:
> On Thu, 9 Dec 1999, Andre Albsmeier wrote:
>
> ...
>
> > For better reference, here is the current patch:
> >
> > *** lpr.c.ORI Thu Dec 9 15:30:18 1999
> > --- lpr.c Thu Dec 9 15:30:35 1999
> > ***************
> > *** 370,375 ****
> > --- 370,405 ----
> > }
> > if (sflag)
> > printf("%s: %s: not linked, copying instead\n", name, arg);
> > + /*
> > + * If lpr was invoked with -r we try to move the file to
> > + * be printed instead of copying and deleting it later.
> > + * This works if the file and lpd's spool directory are
> > + * on the same filesystem as it is often the case for files
> > + * printed by samba or pcnfsd. In this case, a lot of I/O
> > + * and temporary disk space can be avoided. Otherwise, we
> > + * will continue normally.
> > + */
> > + if (f) { /* file should be deleted */
> > + seteuid(euid); /* needed for rename() */
> > + if (!rename(arg, dfname)) {
> > + int i;
> > + #if 0
> > + chown(dfname, userid, getegid());
> > + chmod(dfname, S_IRUSR | S_IWUSR |
> > + S_IRGRP | S_IWGRP);
> > + #endif
> > + seteuid(uid); /* restore old uid */
> > + if (format == 'p')
> > + card('T', title ? title : arg);
> > + for (i = 0; i < ncopies; i++)
> > + card(format, &dfname[inchar-2]);
> > + card('U', &dfname[inchar-2]);
> > + card('N', arg);
> > + nact++;
> > + continue;
> > + }
> > + seteuid(uid); /* restore old uid */
> > + }
> > if ((i = open(arg, O_RDONLY)) < 0) {
> > printf("%s: cannot open %s\n", name, arg);
> > } else {
> >
> >
>
> I don't have too much time to think about this, argue me this:
Sure, please tell me if you don't want to get CC'ed on this anymore.
>
> why should I allow a user to print any file on the system?
>
> the race condition is still there.
Right :-(. The file won't be given to the user anymore but he can
print everything. However, there must be a solution for this...
>
> -Alfred
>
-Andre
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
