cups userspace -- trusted programs?
Michael C Thompson
thompsmc at us.ibm.com
Wed May 31 20:06:13 UTC 2006
Hey all,
I'm wondering if the intent of the cups userspace tools are to be
trusted programs? Specifically I'm curious about cupsaccept, cupsreject,
cupsenable and cupsdisable. The reason I ask is because if they are
supposed to be trusted programs, they don't generate unique audit
messages like other programs.
Personally, I think these tools should generate messages since they are
a source for leaking information, and therefore should be restricted to
administrators.
Thanks,
Mike
More information about the Linux-audit
mailing list