[Printing-architecture] [cups] CUPS 2.2.x drops interface scripts - How to create filtered queues without PPD

Matthias Apitz guru at unixarea.de
Wed Jun 15 09:09:16 UTC 2016


El día Tuesday, June 14, 2016 a las 11:00:56PM -0400, Michael Sweet escribió:

> Till,
> 
> > On Jun 14, 2016, at 6:53 PM, Till Kamppeter <till.kamppeter at canonical.com> wrote:
> > 
> > Hi,
> > 
> > I have seen now the new features list of the first beta of the CUPS 2.2.x series and one of the changes is
> > 
> > 	- Interface scripts are no longer supported for security reasons
> > 	  (<rdar://problem/23135640>)
> 
> Here is the original text from this (internal) bug report:
> 
> When a user adds a printer through the Web interface, it's possible to select a predefined model or to upload its own PPD (PostScript Printer Description) file, which is a file format created by vendors to describe the entire set of features and capabilities available for their printers. These files contain the PostScript code (commands) used to invoke features for the print job and hence, they have a preformated structure and known keywords.
> 
> CUPS doesn't check if the uploaded file is a valid PPD file, and therefore, it simply copies the file into the /etc/cups/interaces/ folder with 755 permissions (World executable).
> 
> As it could be seen, it was possible to upload a PDF, a txt and even an ELF executable into that directory through the Web interface. See attachment.
> ....

Michael,

While I understand to upload my own or vendor provided PPD file through
the web interface, which ends up in a directory /usr/local/etc/cups/ppd
on my FreeBSD system, I do not fully understand how I could upload
additional code to /usr/local/etc/cups/interfaces (perhaps, because I
never did so). Could you please shed some light on this? Thanks

	matthias



-- 
Matthias Apitz, ✉ guru at unixarea.de, ⌂ http://www.unixarea.de/  ☎ +49-176-38902045
"Die Verkaufsschlager des Buchmarkts geben Auskunft über den Zustand einer Gesellschaft bzw.
sind, was diese Zeiten angeht, Gradmesser fortschreitenden Schwachsinns. ..." (jW 19.05.2016)


More information about the Printing-architecture mailing list