[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CUPS

To: "misc@OpenBSD @OpenBSD" <misc@openbsd.org>
Subject: Re: CUPS
From: Jacob Meuser <jakemsr@jakemsr.com>
Date: Thu, 26 Feb 2004 12:15:38 -0801
Content-Disposition: inline
Mail-Followup-To: "misc@OpenBSD @OpenBSD" <misc@openbsd.org>
References: <C7FC3914-6854-11D8-B2EB-000393823B56@mac.com> <Pine.LNX.4.58.0402262052230.193@mayuresh.vsnl.com>
User-Agent: Mutt/1.4.2i

On Thu, Feb 26, 2004 at 08:54:11PM +0530, Mayuresh Kathe wrote:
> On Thu, 26 Feb 2004, Javier Solorzano wrote:
> 
> > Anyone knows the reason why openbsd is so Cups negative?
> 
> The last time I read about CUPS it was full of buffer overflow bugs.
> Also, it is under the GPL.

Well, that was a while ago.  A lot of those have been fixed.  However,
there are still a lot of sprintf()s in the code (even though there's a
snprintf() implementation in the CUPS sources if the host OS doesn't
have snprintf()), and apparently some incorrect uses of sizeof().

What I don't get is that CUPS is the default print system for a lot of
OSes, but apparently none of them care to make CUPS more secure.

-- 
<jakemsr@jakemsr.com>

Follow-Ups:
- Re: CUPS
  - From: Mayuresh Kathe <mayuresh@vsnl.com>
- Re: CUPS
  - From: Marc Espie <espie@nerim.net>

References:
- CUPS
  - From: Javier Solorzano <jsolorz@mac.com>
- Re: CUPS
  - From: Mayuresh Kathe <mayuresh@vsnl.com>

Prev by Date: Re: Comments on amd64 motherboards
Next by Date: I just installed openbsd 3.4 and I think I bit off more than I can chew
Prev by thread: Re: CUPS
Next by thread: Re: CUPS
Index(es):
- Date
- Thread