Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!rochester!udel!burdvax!sdcrdcf!trwrb!scgvaxd!stb!michael
From: michael@stb.UUCP
Newsgroups: comp.unix.questions,comp.bugs.sys5
Subject: Re: SysV lp spooler a security hole
Message-ID: <23@stb.UUCP>
Date: Thu, 17-Sep-87 02:49:32 EDT
Article-I.D.: stb.23
Posted: Thu Sep 17 02:49:32 1987
Date-Received: Sat, 19-Sep-87 08:21:33 EDT
References: <313@pvab.UUCP> <297@axis.fr>
Reply-To: michael@stb.UUCP (Michael)
Organization: STB BBS, LA, CA, USA, 90402, (213) 459-7231
Lines: 13
Xref: utgpu comp.unix.questions:3699 comp.bugs.sys5:223


Aparently my earlier message didn't get out, so...
 
There is a SIMPLE way to fix the problem with lp. Turn OFF the set-U-id
bit. Turn on the set-G-id bit (chmod 2755 file). Make the group permission
determine write ability to /usr/spool/lpd or whatever. PRESTO! Owner
permission is used to access files by NAME, and security is given for
access to the spooling directory.

			Michael
-- 
: Michael Gersten		seismo!scgvaxd!stb!michael
: Copy protection? Just say "Off site backup"