1) Make sure only you have root on the client workstations 2) Have your server only accept connections from port < 1024
3) Suid root your lp/lpr clients (if they aren't already, Solaris native are) and if needed configure them to use a source port below 1024 when connecting (no configuration needed with Solaris native clients) 4) As only your trusted client programs can talk to the server and the -U switch is nonexistant or disabled, the lp/lpr client program puts the calling users username in the controlfile it sends to the server.
smime.p7s
Description: S/MIME Cryptographic Signature
