Bug 227045 - print/hplip: hp-setup allows non-root user to write into read-only directory
Status: Closed Works As Intended
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: Ben Woods
Reported: 2018-03-28 18:27 UTC by freebsd
Modified: 2018-03-29 09:35 UTC
bugzilla: maintainer-feedback? (woodsb02)


Description freebsd 2018-03-28 18:27:17 UTC
hplip installs hp-setup to configure printers.
This involves generating a .ppd file and writing it to /usr/local/etc/cups/ppd.
This can be done by a non-root user.

The directory written:
$ ls -dl /usr/local/etc/cups/ppd
drwxr-xr-x  2 root  cups  512 Mar 28 12:09 /usr/local/etc/cups/ppd

The user involved: cupsadmin
$ grep cupsadmin /etc/group
wheel:*:0:root,cupsadmin
operator:*:5:root,cupsadmin
cups:*:193:cupsadmin

Note that while user cupsadmin is a member of wheel, the directory written
is only writeable by root; and while the user cupsadmin is also a member of
cups, the directory is not writeable by group cups.

The file written:
$ ls -lt /usr/local/etc/cups/ppd/HP*
-rw-r-----  1 root  cups  31122 Mar 28 12:03 /usr/local/etc/cups/ppd/HP_Officejet_Pro_8500_A909g.ppd
Comment 1 Tijl Coosemans freebsd_committer freebsd_triage 2018-03-29 09:35:47 UTC
hp-setup talks to cupsd to add the printer and it's cupsd that generates the ppd file.
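
The following triage helper is an added example, not part of the original report or of hplip/CUPS. It applies the classic Unix permission check to the `ls -l` output quoted in the description and shows that cupsadmin could not have created the file directly, which is consistent with a root-owned daemon doing the write. The uid 1001 for cupsadmin is a constructed value (the report does not give it), and ACLs and MAC policies are not modelled.

```python
def parse_ls_mode(mode_str):
    """Convert an ls -l mode string such as 'drwxr-xr-x' to the nine permission bits."""
    if len(mode_str) != 10:
        raise ValueError("expected a 10-character ls -l mode string")
    bits = 0
    for i, ch in enumerate(mode_str[1:]):
        # 's' and 't' mean the execute bit is set as well; 'S' and 'T' mean it is not.
        if ch in "rwxst":
            bits |= 1 << (8 - i)
    return bits


def access_class(uid, gids, owner_uid, owner_gid):
    """Pick the single permission triad the kernel consults.

    The classes are exclusive: an owner is judged on the owner bits only,
    even if the group or other bits would be more permissive.
    """
    if uid == owner_uid:
        return "owner"
    if owner_gid in gids:
        return "group"
    return "other"


def can_create_in_dir(mode_str, owner_uid, owner_gid, uid, gids):
    """Return (allowed, reason) for creating a file in the directory."""
    if uid == 0:
        return True, "superuser"
    cls = access_class(uid, gids, owner_uid, owner_gid)
    shift = {"owner": 6, "group": 3, "other": 0}[cls]
    triad = (parse_ls_mode(mode_str) >> shift) & 0o7
    needed = 0o3  # write + search (x) are both required to add a directory entry
    return (triad & needed) == needed, cls


if __name__ == "__main__":
    # Values from the report: /usr/local/etc/cups/ppd is drwxr-xr-x root:cups,
    # cupsadmin is in wheel (0), operator (5) and cups (193).
    ROOT_UID, CUPS_GID = 0, 193
    CUPSADMIN_UID = 1001  # constructed value, not from the report
    CUPSADMIN_GIDS = {0, 5, 193}
    print(can_create_in_dir("drwxr-xr-x", ROOT_UID, CUPS_GID,
                            CUPSADMIN_UID, CUPSADMIN_GIDS))
    print(can_create_in_dir("drwxr-xr-x", ROOT_UID, CUPS_GID, 0, {0}))
```

Membership in wheel does not enter the check at all: only the directory's owner uid and group gid are compared against the caller, so the group triad `r-x` applies to cupsadmin and denies the write.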