AW: [Desktop_printing] Role of CUPS and error handling

Kurt Pfeifle k1pfeifle at gmx.net
Fri Mar 24 06:17:44 PST 2006 

On Friday 24 March 2006 12:26, Johannes Meixner wrote:
> 
> Hello,
> 
> On Mar 23 18:14 Stark, Jens wrote (shortened):
> > The major issue with CUPS interfaces is that there is more than one.
> 
> I assume you mean user-frontends to set up queues for CUPS?
> 
> > SUSE didn't handle this too nice.
> 
> What exactly is wrong?
> Do you mean the problems when cupsd runs as lp?
> If yes, please read
> http://en.opensuse.org/SDB:Printer_Configuration_from_SUSE_LINUX_9.0_on
> it is all explained there in detail.

That's fine with *me*, and probably with most people on this list.
But it is not good and *easy* enough for most Aunt Tillie users...

Are you sure that all users who encounter a problem that stems from
SUSE's "RunAsUser" setting are immediately pointed to that website?
Are you also sure they follow the link? Are you sure they read it?
Are you sure they understand it?

The thing is: Once you overdo with "security", and make stuff too
difficult to cope with, users tend to switch off security altogether.
Which has then led to the defeat of the security expert's own goals
(Which begs the question: are security architects really interested
in creating better security in real life for end users? Or are some 
security experts only erecting the technical security hurdles in order 
to have a good excuse and wash their hands in it if is just torn down? 
(Mind you: I'm guilty of that sometimes too; it is a very comfortable
thing to tell the user "You should not have..." if you are tired to
deal with the same challenge day-in, day-out...)

Security is not just a technical challenge; it also has to do with
user psychology.

> Choose what you prefer (choose exactly one):
> [ ] cupsd runs by default but not as root (which requires lppasswd)
> [ ] no cupsd running by default at all
> Note that it is about a general company security policy
> and not about what a few printing guys may think.

That's what the company security politicians think; and what maybe
you and I think too.

But what do your *users* think? "F*#ck! SUSE is too secure to let me
simply print!?!"

Cheers, 
Kurt

More information about the Printing-summit mailing list