Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!ut-sally!im4u!rutgers!uwvax!oddjob!gargoyle!ihnp4!twitch!ho7cad!wjc
From: wjc@ho5cad.ATT.COM
Newsgroups: comp.unix.questions,comp.bugs.sys5
Subject: Re: SysV lp spooler a security hole
Message-ID: <214@ho7cad.ATT.COM>
Date: Wed, 9-Sep-87 12:35:01 EDT
Article-I.D.: ho7cad.214
Posted: Wed Sep  9 12:35:01 1987
Date-Received: Sat, 12-Sep-87 03:08:46 EDT
References: <313@pvab.UUCP> <1284@mhres.mh.nl> <1986@kitty.UUCP>
Sender: nuucp@ho7cad.ATT.COM
Lines: 30
Xref: mnetor comp.unix.questions:3977 comp.bugs.sys5:200
In-reply-to: larry@kitty.UUCP's message of 8 Sep 87 04:28:05 GMT

Posting-Front-End: GNU Emacs 18.47.1 of Fri Jun 26 1987 on ho5cad (usg-unix-v)


In article <1986@kitty.UUCP> larry@kitty.UUCP (Larry Lippman) writes:
>>	   I personally find the Sys V lp spooler to be very useful and flexible,
>>   and offer the following suggestions for greater versatility.  These are some
>>   non-obvious application possibilities (at least non-obvious to a beginner
>>   from reading the documentation).
>>

To take this  a step  further  than  Larry's suggestions,  there's  no
reason you have to limit this to  output devices.  You  can use the lp
spooler to take care of anything that you want to happen in a serially
controlled manner.

For example, you could  whip up a  few shell scripts that  replace the
"troff" program (or  other resource hog)   with a feed into a  special
class of  printers in the lp  spooler.   These fake printers  are just
calls back to the real  troff program.  What that  means is that  only
one user (or "n" users  if you allow "n"  printers in this fake class)
runs  troff at a  time.  Although the user  interface could be made to
look just like  real troff, the  permissions problem that started this
discussion has to be accounted for.

You have to  mull this over  quite a bit  before you can do it without
losing your marbles  (unless you're already  pretty  familiar with the
administrative side of  lp),  but  the possibilities are  fairly  wide
open.  I  imagine that  similar  things could  be   done with lpr,  of
course, but I have no familiarity with it.

	Bill Carpenter
	(AT&T gateways)!ho5cad!wjc
	HO 1L-410, (201)949-8392