Bug 49144

Summary: Root password prevents other users from printing
Product: [Retired] Red Hat Linux Reporter: Need Real Name <jking>
Component: passwdAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED NOTABUG QA Contact: Aaron Brown <abrown>
Severity: medium Docs Contact:
Priority: high    
Version: 6.2Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-12-18 13:57:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Need Real Name 2001-07-15 16:54:22 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
Giving root a password prevents users of text based programs (written in 
PDS-Adept, a 4th generation language)from being able to send print jobs to 
the printer.  

How reproducible:

Steps to Reproduce:
1. Creat a root passwd during installation.
2. create new user (any name)
3. passwd or not their login
4. enter text based application
5. try to print
6. system hangs with  "Spooling print.... su Password:"

Actual Results:  I get the "Spooling print..." message and am asked for a 
su Password.  First character I hit the screen scrolls up and I have to 
press the end key to get back to a login to straighten out the screen.   I 
get no printed output.  

Expected Results:  What it should do is print the job.  Not ask for a 
password.  Also any user should be able to be delegated the right to print 
to a system printer.  SCO UNIX operates that way, why can't Linux?

Additional info:

I can log the user on and break out of the program to a $ sign and can 
issue a "lpr -Preport /home/username/trace.prn" command and it will send 
the job to the printer?

Now if I edit manually the /etc/passwd and /etc/shadow files to remove the 
password from root. I can then log the user in and print from the 
application just fine.

Prior to doing the last I even tried giving the user "root lp adm" group 
associations.  Nothing has worked except for removing the root passwd.  
This is definately a SECURITY HAZARD report.  I can't secure a system like 
this and put it in the field just to have someone login and screw the 
files up and make unaurthorized changes to the system!

System specs:

AMD k6-2 500Mhz
128 Meg Ram
15 G hdd
40X CDrom
AGP S3 Video with 8Meg
Creative labs Awe 32 sound card
pci Kingston Network card @ 06c00 irq5
pci USR Modem @ 06800 irq 10
epson 500 printer configured as lp & report on /dev/lp0

Comment 1 Nalin Dahyabhai 2002-01-18 22:00:43 UTC
What command is the program running when it attempts to print (or equivalently,
which program is actually prompting for the password)?

Comment 2 Need Real Name 2002-02-01 19:51:03 UTC
We don't use passwords inside our program.  The print jobs are either sent to 
the spooler or directly to serial, parallel or remote machine printer ports.  
The software uses systems calls to print as far as I know.  This setup worked 
fine in Unix and Xenix.  Program issued the print job and the system just did 

Comment 3 Alan Cox 2002-12-18 13:57:23 UTC
Seems to be a bug in PDS Adept. Why it is using su before printing who knows