Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'A fix for broken CUPS admin interface login in 10.3' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A fix for broken CUPS admin interface login in 10.3
Authored by: leenoble_uk on Aug 26, '05 09:39:21AM

I have yet to install the latest security updates but this might be partly my fault. Seems safe to talk about this now but I reported a bug some time ago to Apple about the fact that anyone can access your cups interface simply by typing your.ip.address:631 into a web browser. Without a password they couldn't do anything except get a list of all your previously printed jobs (document names) but even that might constitute a serious information leak to a business or home user.

Probably a good idea to update now the bug is fixed.

---
So, I said ... well, I can't actually remember exactly what I said. But it was one of the most enormously cruel and frighteningly witty put downs ever.



[ Reply to This | # ]
A fix for broken CUPS admin interface login in 10.3
Authored by: squirri on Aug 26, '05 10:04:37AM

I had the same authentication problem in Panther, trying to use CUPS to let our Windows machines print to a USB HP840C Inkjet, following a hint I found here.

I used the second methos as it seemed to be a bit more secure(not that I'm a Unix expert).

The hint then worked as advertised.

When I moved up to Tiger, I did a clean install after backing up my data(there were a few settings that had got into a mess) and tried the first method - commenting out the 4 lines in /etc/cups/cupsd.conf.

This worked a treat.

Not sure which is the most secure, but the first method is much simpler and less error prone as it doesn't involve cutting and pasting password hashes. I guess you could un-comment out these lines to put the security back where it was



[ Reply to This | # ]