> > On Wed, Jun 17, 1998 at 10:51:11AM -0400, [EMAIL PROTECTED] wrote: > > Hamish Moffatt writes: > > > On Wed, Jun 17, 1998 at 08:14:00AM -0400, Paul Miller wrote: > > > > How can I control who can print and who can't? > > > > > > I am guessing, but I guess you could put everyone who may print > > > in the lp group, and remove the setgid bit on /usr/bin/lpr* -- but > > > then those users will be able to play with the files in /var/spool/lpd > > > directly, which they normally cannot. > > > > > > > Or, one could use the TCP wrapper methodology. Rename lpr, create a wrapper > > and call it "lpr". Then have the wrapper check a "allowed user" file when a > > print request comes in. It then either passes on the printing job to the > > real > > lpr or rejects it with a diagnostic message (as a courtesy). > > However I think there is an element of "security by obscurity" in this -- > if they can find the original lpr, they can use it anyway. You can't make > the wrapper script unreadable, either; you could write a program, but > it's still going to know the location. I guess you could make the program > unreadable (but executable), and make the actual lpr binary directory > unreadable too. Urk.
What about this: -rwsr-sr-x 1 root lp 14236 Jul 30 1997 /usr/bin/lpr -rwxr-xr-x 1 root lp 14236 Jul 30 1997 /usr/bin/lpr.orig (fake listing, just for demo purposes) Now lpr is the wrapper program (not script) and the real lpr, lpr.orig does not have the right permissions to run. I think this is how sudo works. Eric -- E.L. Meijer ([EMAIL PROTECTED]) | tel. office +31 40 2472189 Eindhoven Univ. of Technology | tel. lab. +31 40 2475032 Lab. for Catalysis and Inorg. Chem. (TAK) | tel. fax +31 40 2455054 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
