Red Hat Bugzilla – Bug 165677
Printing to a SMB printer reveals credentials.
Last modified: 2007-11-30 17:11:11 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b3) Gecko/20050729 Fedora/1.1-0.2.5.deerpark.alpha2 Firefox/1.0+
Description of problem:
$ ps -ef |grep smb
root 1920 1 0 Aug08 ? 00:00:00 smbd -D
root 1922 1920 0 Aug08 ? 00:00:00 smbd -D
root 23715 1920 0 Aug09 ? 00:00:00 smbd -D
root 23716 1920 0 Aug09 ? 00:00:04 smbd -D
root 26309 1754 0 Aug10 ? 00:00:00 smb://192.168.170.20/nolav:email@example.com/HPLaserJet2300 27 noselasd 1 /var/spool/cups/d00027-001
root 28167 1920 0 08:13 ? 00:00:00 smbd -D
root 28168 1920 0 08:13 ? 00:00:01 smbd -D
Cups has been configured manually iirc, with a url for the printer as
(as that was the originally the only way on FC2 I could get it to work)
As shown above, something (cups/samba ?) changes the name of a process to this URL which includes the user and password.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
I'm not sure how.
Actual Results: Process reveals credentials through process name.
Expected Results: Credentials hidden.
You're using the wrong URI form. Refer to /usr/share/doc/cups-*/sam.html:
are the accepted forms.
Agreed, it seems the printers.conf has, for some odd reason
To my defence, this was created by the FC2 printer config actually, and I havnt'
touched it since upgrading.
I take it it masks out the credentials on valid URIs, and all is well.