From: Matt Anderson
Subject: Re: Re: cups userspace -- trusted programs?
Date: Mon, 05 Jun 2006 14:10:57 -0400
Message-ID: <448473B1.5040501@hp.com>
To: Michael C Thompson
Cc: redhat-lspp@redhat.com, Steve Grubb, Linda Knippers, Linux Audit

Michael C Thompson wrote:
>>> Personally, I think these tools should generate messages since they
>>> are a source for leaking information, and therefore should be
>>> restricted to administrators.

I don't think they should be considered a source for leaking information. The only thing I see isn't a leak so much as an (extremely low bandwidth) covert channel of "is the printer enabled or disabled?" Since the use of these programs is restricted, we're covered under no-evil-admin.

> Aside from what is *required*, I thought it would be a good thing to log
> the queue/printer enable/disable. However, if cups is logging that, I'm
> not sure it is worth being redundant in our logs.

As long as LogLevel is set to info or higher you'll get a message in /var/log/cups/error_log like:

    [Timestamp] Printer 'foo' stopped by 'root'.

I think I agree with you that it's probably not worth being redundant, but if someone finds a requirement for this to go to the audit log I don't see any issues around adding that.

-matt
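One way to verify the point made in the message above, as an added example that is not part of the original mail and not CUPS's own code: it checks whether a cupsd.conf sets LogLevel to info or higher and pulls the "stopped by" records out of an error_log. The sample config and log lines are constructed; the leading level letter, the double-quoted variant of the message, and "last LogLevel directive wins" are assumptions.

```python
import re

# LogLevel values in the order documented for cupsd.conf, least to most verbose.
LEVELS = ["none", "emerg", "alert", "crit", "error", "warn",
          "notice", "info", "debug", "debug2"]

# Matches the message quoted in the mail. The optional leading level letter and
# the double-quote variant are assumptions about other CUPS versions.
EVENT = re.compile(
    r"""^(?:[A-Za-z]\s+)?\[(?P<ts>[^\]]+)\]\s+Printer\s+
        (?P<q1>['"])(?P<printer>.+?)(?P=q1)\s+stopped\s+by\s+
        (?P<q2>['"])(?P<user>.+?)(?P=q2)\.?\s*$""", re.VERBOSE)

def loglevel(conf_text):
    """Return the configured LogLevel, or None if no directive is present.
    Assumption: when the directive is repeated, the last one wins."""
    level = None
    for line in conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) == 2 and fields[0].lower() == "loglevel":
            level = fields[1].lower()
    return level

def records_stops(level):
    """True if level is info or more verbose, False if lower, None if unknown."""
    if level not in LEVELS:
        return None
    return LEVELS.index(level) >= LEVELS.index("info")

def stop_events(log_text):
    """Return (timestamp, printer, user) for every 'stopped by' line."""
    return [(m["ts"], m["printer"], m["user"])
            for m in map(EVENT.match, log_text.splitlines()) if m]

# Constructed sample input, not taken from a real system.
SAMPLE_CONF = "# constructed sample\nLogLevel warn\nLogLevel info\n"
SAMPLE_LOG = """\
I [05/Jun/2006:14:02:11 -0400] Printer 'foo' stopped by 'root'.
E [05/Jun/2006:14:03:40 -0400] constructed unrelated message
[05/Jun/2006:14:05:02 -0400] Printer "bar" stopped by "alice".
"""

if __name__ == "__main__":
    lvl = loglevel(SAMPLE_CONF)
    print("LogLevel:", lvl, "-> stop events recorded:", records_stops(lvl))
    for ts, printer, user in stop_events(SAMPLE_LOG):
        print(f"{ts}  printer={printer}  stopped_by={user}")
```

A None result from `records_stops` means the config has no usable LogLevel directive, so whether the events are logged depends on the build's default and should be checked separately.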