Hello,

On Oct 20 00:08 Hosszu, John wrote (shortened):
> HPLIP 2.7.10 - This release has the following changes:
> 
>    1. Made a change to 55-hpmud.rules ...

I do not understand why there is OWNER="lp" in 55-hpmud.rules.

When the owner is lp, then any CUPS filter script or backend
can change the permissions as it likes, for example via
http://www.cups.org/str.php?L790

With the default MODE="0666" there is not much to change for
a possible attacker, but consider that the admin may have
specified a more restrictive mode but forgotten to also change
the owner to root.

To be more on the safe side, I would like to have
OWNER="root", GROUP="lp", MODE="0666" by default for openSUSE.

Is there any functionality which no longer works
out of the box if OWNER="root"?


For MODE="0666" the crucial question is whether or not
it is possible that another user (e.g. someone who is logged in
remotely) can somehow eavesdrop when a (confidential) document
is printed or scanned.

Is eavesdropping somehow possible with MODE="0666"?



>   17. Added support for the following new printer(s):
...
> - HP LaserJet 1018 (LJZjsMono w/plug-in)
> - HP LaserJet 1020 (LJZjsMono w/plug-in)
> - HP LaserJet 1022 (LJZjsMono w/plug-in)
> - HP LaserJet 1022n (LJZjsMono w/plug-in)
> - HP LaserJet 1022nw (LJZjsMono w/plug-in)

For openSUSE I provide only HPIJS as package hpijs-standalone.
Currently this package contains only /usr/bin/hpijs and some
documentation.

I build it via
------------------------------------------------------------
./configure --prefix=/usr \
            --libdir=%_libdir \
            --disable-foomatic-xml-install \
            --disable-foomatic-ppd-install \
            --disable-doc-build \
            --enable-hpijs-only-build
make 
------------------------------------------------------------

Assume the user has a ZJStream printer and he has somehow
manually downloaded the necessary plug-in.

Would then the plain /usr/bin/hpijs work for his ZJStream printer?

I.e. would the plain /usr/bin/hpijs automatically find his plug-in
and use it, or is additional software needed, and in case of the
latter, which additional software from HPLIP is needed?


By the way:
There is nothing about the new LJZjsMono device class at
http://hplip.sourceforge.net/tech_docs/device_classes.html
or about the new plug-in mechanism at
http://hplip.sourceforge.net/tech_docs/hpijs.html


Kind Regards
Johannes Meixner
-- 
SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany
AG Nuernberg, HRB 16746, GF: Markus Rex
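
Added example (not part of the original e-mail and not HPLIP code): a small audit of udev rules for the case raised above, where a non-root OWNER can chmod the device node and so undo a restrictive MODE. The rule lines in SAMPLE_RULES are constructed for illustration and are not the contents of the real 55-hpmud.rules; the function names are hypothetical.

```python
import re

# One udev 'KEY op "value"' token; op is a match (==, !=) or an assignment (=, +=, :=).
TOKEN = re.compile(r'([A-Za-z_]+(?:\{[^}]*\})?)\s*(==|!=|\+=|:=|=)\s*"([^"]*)"')

# Constructed sample rules (assumption); not copied from any shipped rules file.
SAMPLE_RULES = '''\
# constructed sample rules
SUBSYSTEM=="usb", ATTR{idVendor}=="03f0", OWNER="lp", GROUP="lp", MODE="0666"
SUBSYSTEM=="usb", ATTR{idVendor}=="03f0", \\
    OWNER="lp", GROUP="lp", MODE="0660"
SUBSYSTEM=="usb", ATTR{idVendor}=="03f0", OWNER="root", GROUP="lp", MODE="0660"
SUBSYSTEM=="usb", ATTR{idVendor}=="03f0", GROUP="lp", MODE="0660"
'''

def logical_lines(text):
    """Join backslash-continued lines; skip comments and blank lines."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not buf and (not line or line.startswith("#")):
            continue
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        yield buf + line
        buf = ""

def audit(text):
    """Return (rule_no, owner, mode, mode_is_restrictive) for non-root owners."""
    findings = []
    for n, rule in enumerate(logical_lines(text), 1):
        assigned = {k: v for k, op, v in TOKEN.findall(rule) if op in ("=", ":=", "+=")}
        owner = assigned.get("OWNER", "root")  # udev creates nodes owned by root by default
        mode = assigned.get("MODE")
        if owner in ("root", "0"):
            continue
        # A mode without world read+write is a restriction the owner could chmod away.
        restrictive = mode is not None and int(mode, 8) & 0o006 != 0o006
        findings.append((n, owner, mode, restrictive))
    return findings

if __name__ == "__main__":
    for n, owner, mode, restrictive in audit(SAMPLE_RULES):
        print(f"rule {n}: OWNER={owner} MODE={mode} restrictive_mode_not_enforced={restrictive}")
```

A finding with the last field True is the case described above: the admin tightened MODE but the node is still owned by lp.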
