Activating the CUPS snmp backend in Ubuntu Feisty
Kees Cook
kees at ubuntu.com
Thu Mar 8 01:45:38 GMT 2007
On Wed, Mar 07, 2007 at 08:54:19AM -0800, Matt Zimmerman wrote:
> On Mon, Feb 26, 2007 at 11:33:31PM +0000, Till Kamppeter wrote:
> > on the IRC I talked with pitti about activating the CUPS backends which
> > were de-activated by Debian by moving them into
> > /usr/lib/cups/backend-available. The three de-activated backends are
> > serial, scsi and snmp.
> > [snip]
> > Pitti is, like me, in favour of activating it, but I also post here
> > because in a certain form this is adding a feature after feature freeze.
> > So I want to know what is the general opinion about activating the CUPS
> > snmp backend (and perhaps also the serial and scsi backends)?
>
> I recommend that it be reviewed, with your proposal in mind, by Kees Cook
> from the security team, if he has not already examined it.
Martin, are you in favour of this on principle, or did you already
examine the code?
I don't have an snmp printer to test it with (so I can watch the
"normal" traffic), but I'm happy to do a quick audit of the code. My
instinct would be that this is no less safe than trusting
avahi-discovered devices, but I'd like to examine the code paths just in
case.
--
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20070307/117bc071/attachment.pgp
More information about the ubuntu-devel
mailing list