On 15/09/2011 22:58, Wayne Stallwood wrote:
On 13/09/11 12:30, Laurie Brown wrote:
Here's one of mine (only checked one):
# ls -al /usr/sbin/cupsd -rwxr-xr-x 1 root root 365592 Jul 27 2009 /usr/sbin/cupsd
Stock Gentoo, stock cupsd install...
Ahh but cupsd should have needed a couple of security updates since Jul 2009 so maybe Dan is running a newer version than you, that when installed sets the daemon with tighter permissions.
On a side note you might want to consider upgrading cups at some point..from the top of my head there has been a rather nice privilege escalation flaw and one where a rogue IPP client can cause memory corruption in the cupsd process.
The second one would only be of concern if you were on a network shared with others. The first one could allow malicious code root access on your machine so affects you on or off a shared network.
Fair points, but a) it isn't used, and was only installed as a default install, and b) I'm the only person who gets anywhere near the machine.
Cheers, Laurie.