[5295] in Athena Bugs
lpr quota insecurity
daemon@ATHENA.MIT.EDU (John Carr)
Tue Jun 26 21:06:51 1990
To: bugs@ATHENA.MIT.EDU
Date: Tue, 26 Jun 90 21:06:38 EDT
From: John Carr <jfc@ATHENA.MIT.EDU>
I notice that after running lpr, I only have tickets for rcmd.<print server>,
not rcmd.<quota server>. Since print servers are currently in public areas,
this means I can create false print accounting records by stealing print
server srvtabs. lpr should get a ticket for the print quota service as well
as for the printer, and the print server should use this to authenticate the
user before the job and to authenticate the job accounting record.
