make backend invocation compatible to upstream
Bug #119289 reported by
Martin Pitt
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| cupsys (Debian) |
Fix Released
|
Unknown
|
|||
| cupsys (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Bug Description
Binary package hint: cupsys
Cups backends need to be executed as root when installed with 0700 permissions, and as normal user cupsys when being world-executable, to get compatible with the upstream behaviour and unbreak third-party backends. See the Debian bug for details.
| Changed in cupsys: | |
| assignee: | nobody → pitti |
| importance: | Undecided → High |
| status: | Unconfirmed → In Progress |
| Changed in cupsys: | |
| status: | Unknown → Fix Released |
Revision history for this message
| Martin Pitt (pitti) wrote | #1 |
| Changed in cupsys: | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
cupsys (1.2.12-1ubuntu2) gutsy; urgency=low
* Drop our derooting changes. It still has some regressions, and with
upstream not even acknowledging the need for improving cupsys' security we
will sit on this forever. (LP: #119289, LP: #129634)
- Drop derooting related patches:
06_
10_
09_
09_
- debian/
permission juggling.
- debian/rules:
+ Drop --with-cups-user and --enable-
options.
+ Do not modify the upstream default backend permissions.
- debian/
- debian/
- debian/NEWS: Drop description of derooting changes.
- debian/control: Drop adduser dependency.
* debian/
/var/
does not need CAP_DAC_OVERRIDE. This will make it possible to create a
sensible AppArmor profile.
* debian/
root).
* Add debian/
the former derooting patches. This uses complain mode for now, until we
got some more testing. Install it to /etc/apparmor.
debian/rules and reload apparmor in debian/
-- Martin Pitt <email address hidden> Thu, 02 Aug 2007 14:06:05 +0200