No subject
Mon Jan 30 16:48:31 UTC 2012
other users of the machine? If so, then it needs authentication."
(see also https://fedoraproject.org/wiki/User:Adamwill/Draft_Fedora_privilege_escalation_policy
). Under this rule, adding a system-wide printer definitely needs
administrative authentication (but we may provide a way to configure
single-user machines so that they don't require the authentication,
see again the draft).
Another way to look at this issue is - if printers were maintained
per-user (per-user, unprivileged cups daemon, per-user configuration,
per-user print queue), there would be no reason to ask for
authentication. Given that printers are so often networked nowadays
and no access to hardware is required, we might even be able to avoid
running the system-wide cups daemon at all in some cases. There would
be one less process running as root, no reason to authenticate, an
increase both in security and ease of use. We would be actually
_solving_ the problem instead of tinkering with administration
requirements to hide it so that Linus doesn't notice :)
Would something like this at all possible to do with cups and the
current printing design and protocols?
Mirek
More information about the devel
mailing list