Hi all, as a matter of completeness, here's Tim Waugh's comment from the upstream tracker [0] on the road taken by Red Hat:
Le jeudi, 14 février 2013 15.48:38, Tim Waugh a écrit : > FWIW, in Red Hat Enterprise Linux we'll be addressing this differently: all > options will still be in cupsd.conf but a new option > "ConfigurationChangeRestriction" will govern checks that are performed on > new cupsd.conf files that are received via POST. Default value is "all", > meaning that all changes to security-sensitive options via POST will be > forbidden. Other options are "none" (prior behaviour) and "root-only" > (only root-authenticated users may make such changes). Now that we have released upstream's invasive fix to all our suites, I'm quite sure it's not worth investigating this alternative idea. Cheers, OdyX [0] https://www.cups.org/str.php?L4223 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
