We are installing a package that I have very little trust in (but have no
choice in installing :-(, so I can't say no). To protect the rest of the
system from massive security holes it may contain (including shell escapes)
I want to run it via chroot() for obvious reasons.
My problem is that users of the package need to be able to print.
How can I do this from within a chroot'd process (with min effort :-) without
impacting normal (non chroot) users?
I'm running SunOS4.1.3, but will eventually go to Solaris 2.x.
We sit behind a strict packet filter and have users with virtually no
network knowledge except for the ones who know the root passwords anyway,
so a security through obscurity solution may be acceptable.
I don't need to restrict access to particular printers and am able to force the
package to print via any command I like.
Thanks in advance.
JohnG
--
John Gibbins The Western Australian Research Institute
The University of Western Australia for Child Health Ltd ,-_|\
email: johng @
chi .
uwa .
edu .
au GPO Box D184 / \
Phone: +61-9-3408547 PERTH W.A. 6001 *_,-._/
Fax: +61-9-3883414 AUSTRALIA v
"Nothing is foolproof as fools are so ingenious"
|
|
