[cups/f20] Fix conf/log file reading for authenticated users (STR #4461).
Tim Waugh
twaugh at fedoraproject.org
Thu Aug 14 12:24:21 UTC 2014
commit ba58bf89e4f7eeab1cdf32a16a1cbac3cde7ea18
Author: Tim Waugh <twaugh at redhat.com>
Date: Mon Aug 11 16:30:21 2014 +0100
Fix conf/log file reading for authenticated users (STR #4461).
cups-str4461.patch | 24 ++++++++++++++++++++++++
cups.spec | 8 +++++++-
2 files changed, 31 insertions(+), 1 deletions(-)
---
diff --git a/cups-str4461.patch b/cups-str4461.patch
new file mode 100644
index 0000000..81121f5
--- /dev/null
+++ b/cups-str4461.patch
@@ -0,0 +1,24 @@
+diff -up cups-1.7.4/scheduler/client.c.str4461 cups-1.7.4/scheduler/client.c
+--- cups-1.7.4/scheduler/client.c.str4461 2014-08-11 16:30:04.695889827 +0100
++++ cups-1.7.4/scheduler/client.c 2014-08-11 16:30:04.697889838 +0100
+@@ -3360,8 +3360,18 @@ get_file(cupsd_client_t *con, /* I - C
+
+ if (!status && !(filestats->st_mode & S_IROTH))
+ {
+- cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
+- return (NULL);
++ /*
++ * The exception is for cupsd.conf and log files for
++ * authenticated access.
++ */
++
++ if ((strcmp(con->uri, "/admin/conf/cupsd.conf") &&
++ strncmp(con->uri, "/admin/log/", 11)) ||
++ cupsdIsAuthorized(con, NULL) != HTTP_OK)
++ {
++ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
++ return (NULL);
++ }
+ }
+
+ /*
diff --git a/cups.spec b/cups.spec
index a0b5127..a52042a 100644
--- a/cups.spec
+++ b/cups.spec
@@ -11,7 +11,7 @@ Summary: CUPS printing system
Name: cups
Epoch: 1
Version: 1.7.5
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Url: http://www.cups.org/
Source: http://www.cups.org/software/%{version}/cups-%{version}-source.tar.bz2
@@ -65,6 +65,7 @@ Patch36: cups-web-devices-timeout.patch
Patch37: cups-final-content-type.patch
Patch38: cups-journal.patch
Patch39: cups-synconclose.patch
+Patch40: cups-str4461.patch
Patch100: cups-lspp.patch
@@ -252,6 +253,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
%patch38 -p1 -b .journal
# Set the default for SyncOnClose to Yes.
%patch39 -p1 -b .synconclose
+# Fix conf/log file reading for authenticated users (STR #4461).
+%patch40 -p1 -b .str4461
%if %lspp
# LSPP support.
@@ -640,6 +643,9 @@ rm -f %{cups_serverbin}/backend/smb
%{_mandir}/man5/ipptoolfile.5.gz
%changelog
+* Mon Aug 11 2014 Tim Waugh <twaugh at redhat.com> - 1:1.7.5-2
+- Fix conf/log file reading for authenticated users (STR #4461).
+
* Fri Aug 01 2014 Jiri Popelka <jpopelka at redhat.com> - 1:1.7.5-1
- 1.7.5
More information about the scm-commits
mailing list