From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Thu, 27 Mar 2008 17:55:06 +0100 From: Klaus Singvogel Message-ID: <20080327165506.GA7647@suse.de> References: <47EA99E8.8020007@licquia.org> <47EAC155.4040206@gmail.com> <20080327141959.GB5084@suse.de> <20080327153111.GB17559@suse.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Subject: Re: [Printing-architecture] [lsb-discuss] LSB 4.0 and printing List-Id: Printing architecture under linux List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Johannes Meixner Cc: printing-architecture@lists.linux-foundation.org, lsb-discuss@lists.linux-foundation.org Johannes Meixner wrote: > > Have a network scanner (a scanner with ethernet connection) > in an office for several people. If the scanner has ethernet connection, any user can install drivers on his _desktop_. No need to restrict installation on a _server_, or? > Run the scanner driver (the SANE backend) together with > the saned on an arbitrary server machine somewhere in > a locked server room to have both the driver and the > access permission stuff under full control of the admin > of the central server. What's the advantage of your model? It seems not very practicable and a bit uncommon to me. Restricting printing access is easy to explain: every single page printed out costs resources (paper, toner, etc). But scanning? Why restricting a network scanner to special users and not to a special, secure place? If there is no trust to all of the users, why is the network scanner physical accessible to anyone, with danger of thefts, and the scanning restricted to users? Why not locking the scanner into a restricted room? I neither see how you can prevent scanning by the bad guys, if the scanner is still accessible by (physical) anyone and (by software) through whole network? I would suggest to setup a special desktop machine with limited physical access in such an scenario into a special secured room. IMHO more secure. Another solution for your example might be to setup a a _desktop_ machine and use (in a limited way) as a server for above scenario. No need to blow up all the other server machines with unnecessary scanner software. And I think it is a very limited, uncommon scenario you describe. Let us stay at the more common real life examples, please. > Run the scanning frontend together with the SANE "net" > meta-driver on the individual user's workstation where > it doesn't harm others if one user corrupts his workstation. Workstation means a desktop machine right? So again: scanning with SANE is done on the desktop machine. Kindly regards, Klaus. -- Klaus Singvogel SUSE LINUX Products GmbH Maxfeldstr. 5 E-Mail: Klaus.Singvogel@SuSE.de 90409 Nuernberg Phone: +49 (0) 911 740530 Germany GnuPG-Key-ID: 1024R/5068792D 1994-06-27 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)