Subject: Re: /var/spool/lpd permissions
To: Wolfgang Rupprecht <wolfgang@wsrcc.com>
From: Colin Wood <cwood@ichips.intel.com>
List: current-users
Date: 07/09/1998 09:25:58
Wolfgang Rupprecht wrote:
> 
> Colin Wood writes:
> > Take a look at /etc/mtree.  I think it contains files which list the
> > "proper" permissions for everything.
> 
> Thanks. I'd glanced at that file, but for some reason it didn't click.
> (I was expecting a file with permissions on each line.)
> 
> If I'm reading it correctly, /var/spool/lpd defaults to root.wheel .
> 
> In /usr/src/usr.sbin/lpr/lpd/lpd.c we find:
> 
>  * Strategy to maintain protected spooling area:
>  *	1. Spooling area is writable only by daemon and spooling group
>  *	2. lpr runs setuid root and setgrp spooling group; it uses
>  *	   root to access any file it wants (verifying things before
>  *	   with an access call) and group id to know how it should
>  *	   set up ownership of files in the spooling area.
>  *	3. Files in spooling area are owned by root, group spooling
>  *	   group, with mode 660.
>  *	4. lpd, lpq and lprm run setuid daemon and setgrp spooling group to
>  *	   access files and printer.  Users can't get to anything
>  *	   w/o help of lpq and lprm programs.
> 
> It appears that the code at one point assumed that the spool would be
> daemon writable.  Some place along the line things seem to have become
> more restrictive...

Well, unless there were some security-related issues involved in the
change, it's quite possible that someone made a mistake.  If no one with
more knowledge on the subject responds today, I'd file a PR.

Later.

-- 
Colin Wood                                 cwood@ichips.intel.com
Component Design Engineer - PMD                 Intel Corporation
-----------------------------------------------------------------
I speak only on my own behalf, not for my employer.
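
The mismatch discussed in this thread can be checked mechanically. The following is an added example, not part of the original message and not code from lpd.c: it audits a spool directory against rules 1 and 3 of the quoted strategy comment. The function name `audit_spool`, its uid/gid parameters, and the account and group names in the `__main__` block are assumptions made for illustration.

```python
import grp, os, pwd, stat, sys

def audit_spool(spool_dir, dir_uid, file_uid, spool_gid):
    """Return (path, problem) pairs where spool_dir deviates from the
    lpd.c strategy comment. All three ids are supplied by the caller."""
    findings = []
    st = os.lstat(spool_dir)              # lstat: never follow a symlink
    if not stat.S_ISDIR(st.st_mode):
        return [(spool_dir, "not a directory")]
    mode = stat.S_IMODE(st.st_mode)
    # Rule 1: spooling area is writable only by daemon and spooling group.
    if st.st_uid != dir_uid:
        findings.append((spool_dir, "unexpected owner uid %d" % st.st_uid))
    if st.st_gid != spool_gid:
        findings.append((spool_dir, "unexpected group gid %d" % st.st_gid))
    if not mode & stat.S_IWGRP:
        findings.append((spool_dir, "not group-writable"))
    if mode & stat.S_IWOTH:
        findings.append((spool_dir, "world-writable"))
    # Rule 3: files are owned by root, group spooling group, mode 660.
    for name in sorted(os.listdir(spool_dir)):
        path = os.path.join(spool_dir, name)
        fst = os.lstat(path)
        if stat.S_ISDIR(fst.st_mode):
            continue                      # subdirectories are audited separately
        if not stat.S_ISREG(fst.st_mode):
            findings.append((path, "not a regular file"))
            continue
        if fst.st_uid != file_uid:
            findings.append((path, "unexpected owner uid %d" % fst.st_uid))
        if fst.st_gid != spool_gid:
            findings.append((path, "unexpected group gid %d" % fst.st_gid))
        fmode = stat.S_IMODE(fst.st_mode)
        if fmode != 0o660:
            findings.append((path, "mode %04o, expected 0660" % fmode))
    return findings

if __name__ == "__main__":
    # Assumption: accounts named root and daemon, and a spooling group
    # named daemon; adjust to the local system.
    target = sys.argv[1] if len(sys.argv) > 1 else "/var/spool/lpd"
    for path, problem in audit_spool(target, pwd.getpwnam("daemon").pw_uid,
                                     pwd.getpwnam("root").pw_uid,
                                     grp.getgrnam("daemon").gr_gid):
        print("%s: %s" % (path, problem))
```

Run against a directory owned root.wheel, as the mtree reading quoted above gives, it reports the owner and group as unexpected whenever the caller passes daemon's ids for the directory.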