Activating the CUPS snmp backend in Ubuntu Feisty
Kees Cook
kees at ubuntu.com
Thu Mar 29 01:16:41 BST 2007
On Thu, Mar 08, 2007 at 08:33:21AM +0100, Martin Pitt wrote:
> Kees Cook [2007-03-07 17:45 -0800]:
> > On Wed, Mar 07, 2007 at 08:54:19AM -0800, Matt Zimmerman wrote:
> > > I recommend that it be reviewed, with your proposal in mind, by Kees Cook
> > > from the security team, if he has not already examined it.
> >
> > My instinct would be that this is no less safe than trusting
> > avahi-discovered devices, but I'd like to examine the code paths
> > just in case.
>
> Right, and these SNMP printers are not even 'spontaneously'
> displayed/used, they just appear in the list of 'detected network
> printers' when adding a printer, so the 'distinguish clearly' part of
> our policy matches as well.
Okay, I've looked through this code, and I would agree that it is
relatively safe to use. It does pretty strict bounds checking, but I
did find one place where I can make the SNMP backend crash and overwrite
heap memory, but not in a controllable fashion. The program is separate
from the cups server, so the crash isn't a DoS, and the server reads the
backend replies very carefully, so I'm not worried about string
overflows there either. I'll send a bug report upstream, but I don't
think the issue should stop it from being enabled by default, given the
other factors mentioned in this thread.
--
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20070328/6db1ce75/attachment-0001.pgp
More information about the ubuntu-devel
mailing list