Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!bloom-beacon!oberon!bbn!uwmcsd1!uwmacc!hobbes!root
From: root@hobbes.UUCP (John Plocher)
Newsgroups: comp.unix.questions,comp.bugs.sys5
Subject: Re: SysV lp spooler a security hole
Message-ID: <212@hobbes.UUCP>
Date: Thu, 10-Sep-87 04:20:35 EDT
Article-I.D.: hobbes.212
Posted: Thu Sep 10 04:20:35 1987
Date-Received: Sat, 12-Sep-87 16:36:30 EDT
References: <313@pvab.UUCP> <193@sortac.UUCP> <7233@e.ms.uky.edu>
Reply-To: root@hobbes.UUCP (John Plocher)
Followup-To: comp.unix.questions
Organization: U of Wisconsin - Madison  Spanish Department
Lines: 28
Xref: mnetor comp.unix.questions:4003 comp.bugs.sys5:210

+---- David Herron writes the following in article <7233@e.ms.uky.edu> ----
| >Not really; all you need to do is "lp < secretstuff".
| 
| Sorry, this isn't acceptible.  I want to have the file name on the
| banner page and "lp" has no way of finding out the file name.
| 
| Why can't lp do some IPC to a priviledged process to tell it 
| to print things?
+----

fer chrissakes!  try this:

:
#
# This is a sample file called ~/bin/print, mode 755
#
/usr/bin/lp -t$1 < $1


invoke as "print file"
rename it to "lp", make sure ~/bin in in your path before /usr/bin, and 
then invoke as "lp file".

why bother with IPC et al?

-John
-- 
John Plocher uwvax!geowhiz!uwspan!plocher  plocher%uwspan.UUCP@uwvax.CS.WISC.EDU