Package: cups
Version: 2.4.2-3+deb12u8
Severity: normal
I have tested the following settings and they significantly reduce the
potential for damage to the system and allows all the normal operations in my
tests.
Please change the default configuration to include at least some of these.
[Service
--- /tmp/cups.socket2017-03-22 00:58:17.980111961 +1100
+++ /lib/systemd/system/cups.socket 2017-03-22 00:58:24.516507263 +1100
@@ -3,7 +3,7 @@
PartOf=cups.service
[Socket]
-ListenStream=/var/run/cups/cups.sock
+ListenStream=/run/cups/cups.sock
[Install]
WantedBy=sockets.target
Th
Package: cups-daemon
Version: 2.2.1-8
Severity: normal
Tags: patch
/run has been around since 2011, I think it's time to stop using the /var/run
symlink. Supporting the symlink in SE Linux means supporting both names for
the contexts used in the initial creation of files and directories which I
w
