Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!uflorida!ukma!xanth!kremer
From: kremer@cs.odu.edu (Lloyd Kremer)
Newsgroups: comp.unix.wizards
Subject: Re: lpr output filters
Summary: a suggestion
Message-ID: <8414@xanth.cs.odu.edu>
Date: 11 Apr 89 17:39:57 GMT
References: <1158@novavax.UUCP>
Distribution: usa
Organization: Old Dominion University, Norfolk, Va.
Lines: 40

In article <8185@chinet.chi.il.us> les@chinet.chi.il.us (Leslie Mikesell) writes:
>*In article <1159@novavax.UUCP> gls@novavax.UUCP (Gary Schaps) writes:
>*>> > Does it seem reasonable to try to create an lpr output filter which
>*>> > selectively prevents certain files from being printed?
>*
>*>I would like to "protect" certain files by making them "view only".
>
>................................... The best you could do would be
>to make the files unreadable by normal users and provide a setuid program
>that displays the contents only if the output is directly to a terminal.

This could be made even more secure by displaying not to just *any* terminal,
but specifically to /dev/tty.

How about this? :

Create a pseudo-user, say "viewer". Block the login sequence for this
pseudo-user. Make all view-only files mode 400 viewer. Write an executable
(not a shell-script) that just opens /dev/tty if possible, and copies the
requested file(s) to it. Screen pagination would be a nice touch (--MORE--).
Make the executable setuid viewer.

This would (hopefully) discourage all users except those resourceful enough
to change their process's controlling tty before running the executable.

Take care that the executable does not utilize any other program such as
vi, ex, ed, etc. The user could then write the buffer anywhere by means of
':w ! lpr', or something similar.

This is no doubt still circumventable somehow, since one of UNIX's great
strengths is the ability to redirect and pipe anything anywhere, but it might
be useful as a starting point.

Lloyd Kremer
Brooks Financial Systems
{uunet,sun,...}!xanth!brooks!lloyd
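
The setuid viewer proposed in the post above, written out in C as an added example; it is not part of the original post and not the poster's code. The function names copy_all and view_to are assumptions of this example, and it covers the /dev/tty copy step without the suggested pagination.

```c
/* Added example, not from the original post. Meant to be installed setuid
 * to the post's "viewer" pseudo-user; copy_all/view_to are assumed names. */
#include <fcntl.h>
#include <unistd.h>

/* Copy all of `in` to `out`; returns bytes copied, or -1 on error. */
long copy_all(int in, int out)
{
    char buf[4096];
    long total = 0;
    ssize_t n;
    while ((n = read(in, buf, sizeof buf)) > 0) {
        for (ssize_t off = 0, w; off < n; off += w)
            if ((w = write(out, buf + off, (size_t)(n - off))) <= 0)
                return -1;
        total += n;
    }
    return n < 0 ? -1 : total;
}

/* Display `path` on the device `tty_path` (normally "/dev/tty").
 * stdout is never used, so redirection and pipes receive nothing,
 * and a device that is not a terminal is refused. */
long view_to(const char *path, const char *tty_path)
{
    int tty = open(tty_path, O_WRONLY | O_NOCTTY);
    if (tty < 0)
        return -1;
    if (!isatty(tty)) {
        close(tty);
        return -1;
    }
    int in = open(path, O_RDONLY);
    long n = in < 0 ? -1 : copy_all(in, tty);
    if (in >= 0)
        close(in);
    close(tty);
    return n;
}

int main(int argc, char **argv)
{
    int rc = 0;
    for (int i = 1; i < argc; i++)
        if (view_to(argv[i], "/dev/tty") < 0)
            rc = 1;
    return rc;
}
```

Because the program execs nothing and writes only to the descriptor it opened itself, it satisfies the post's warning about not handing the data to vi, ex or ed.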