Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 449753 - test page auth dialog assumes root user
Summary: test page auth dialog assumes root user
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: system-config-printer
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Tim Waugh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: F10Target
TreeView+ depends on / blocked
 
Reported: 2008-06-03 12:25 UTC by Jóhann B. Guðmundsson
Modified: 2008-06-03 16:40 UTC (History)
0 users

Fixed In Version: 1.0.0-2.fc10
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-06-03 16:40:44 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
IPP Print test page (231.17 KB, image/png)
2008-06-03 12:25 UTC, Jóhann B. Guðmundsson 		no flags Details
View All

Description Jóhann B. Guðmundsson 2008-06-03 12:25:45 UTC 
Description of problem:

See attached file for explanation... 

Version-Release number of selected component (if applicable):

system-config-printer-1.0.0-1.fc10.i386
system-config-printer-libs-1.0.0-1.fc10.i386

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Picture is worth more than a thousand words....
Comment 1 Jóhann B. Guðmundsson 2008-06-03 12:25:45 UTC 
Created attachment 308221 [details]
IPP Print test page
Comment 2 Tim Waugh 2008-06-03 12:45:43 UTC 
I don't really know what the problem you're trying to describe is.  I *think*
what you're trying to say is that you have a print server that requires 'Basic'
scheme authentication for submitting print jobs, and the administration tool's
default password prompt when printing a test page tries to authenticate as root
which may be incorrect.

Is that what you're trying to describe?

The reason we try to authenticate as root if a password is required when
authenticating as the current non-root user is that, as the administration tool
normally performs administrative tasks, it is usual for root to be the user that
is allowed to do them.

Perhaps for the special case of submitting a test page we should just display
the prompt when we initially are asked for a password, instead of reconnecting
as root.

The prompt text comes from libcups, not system-config-printer, and will not be
changed.
Comment 3 Jóhann B. Guðmundsson 2008-06-03 13:48:25 UTC 
"I don't really know what the problem you're trying to describe is.  I *think*
what you're trying to say is that you have a print server that requires 'Basic'
scheme authentication for submitting print jobs, and the administration tool's
default password prompt when printing a test page tries to authenticate as root
which may be incorrect. "

Right on the spot :) 

"The reason we try to authenticate as root if a password is required when
authenticating as the current non-root user is that, as the administration tool
normally performs administrative tasks, it is usual for root to be the user that
is allowed to do them."

From a desktop point of view is that all users should be able to add
an printer that's connect to his or her computer without the need to be "root"
or the "Administrator" just plug and pray the printer gets detected then the 
user is asked if he wants to add it as an local printer at least he should be
able to print an test page tweak it's setting and so fourth, without having to
be the "root" user.

Not quite seeing the security issues involved, that should prevent an local user
to add local and/or network connected printer(s) to his computer. 

While using root to do it might be consider security risk.. 

From an administrative point of view if the users sees the Authentication
box that asks him to provide the "Password for root on $server" and the
"Username:" field already contains the username root, he will first try his own
which of course wont work, then if that fails try to guess the root password on
the server or starts calling help desk or bother the printer admin. 
That is if $server is not localhost.

Actually it could be looked ad as an security issue for him sending his root
password over the wired ( might be sniffed and used to ssh to his machines since
we deliver fedora with sshd port wide open ) or him to be able to guess the root
password ( depends if the admin has been smart enough to restrict the access to
the admin section in cups ).

If I understanding you right here..

"Perhaps for the special case of submitting a test page we should just display
the prompt when we initially are asked for a password, instead of reconnecting
as root."

and your referring to "Authentication required for printing document" box. then
that is indeed an much better solution.

Since the prompt text comes from libcups and cannot be altered then the best
way is to restrict as much possible the use of that text to
localhost.localdomain and or locally connected printer to prevent any
misunderstanding that the user might have.
Comment 4 Tim Waugh 2008-06-03 14:44:36 UTC 
(In reply to comment #3)
> From a desktop point of view is that all users should be able to add
> an printer that's connect to his or her computer without the need to be "root"
> or the "Administrator"

Indeed -- however, that policy is stored in /etc/cups/cupsd.conf.  See my
upstream submitted patches for 'Require user @CONSOLE' etc.

Different sites will have different policies for this.
Comment 5 Tim Waugh 2008-06-03 15:26:49 UTC 
Fixed upstream.
Note You need to log in before you can comment on or make changes to this bug.