Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!necntc!ames!sdcsvax!ucsdhub!hp-sdd!hplabs!hpcea!hpfcdc!stroyan
From: stroyan@hpfcdc.HP.COM (Mike Stroyan)
Newsgroups: comp.unix.questions
Subject: Re: SysV lp spooler a security hole
Message-ID: <5740015@hpfcdc.HP.COM>
Date: Wed, 9-Sep-87 19:09:54 EDT
Article-I.D.: hpfcdc.5740015
Posted: Wed Sep  9 19:09:54 1987
Date-Received: Sat, 12-Sep-87 17:04:46 EDT
References: <313@pvab.UUCP>
Organization: HP Ft. Collins, Co.
Lines: 13

>Sorry, this isn't acceptible.  I want to have the file name on the
>banner page and "lp" has no way of finding out the file name.

Using "lp -c filename" will solve the permissions problem.  The -c
option tells lp to make a copy of the file, instead of reading directly
from the original file when printing.  Since the lp command runs with
real-user-id of the invoking user, it can read the restricted file, and
makes a copy with ownership by lp and readable by only owner.  The
children of the lp scheduler have no trouble reading the copy.  The lp
bug would be corrected if the lp command would just copy by default when
a file is not readable by others.

Mike Stroyan, hpfcla!stroyan