<russell-->
stintel: they seem to be about 75USD in the bezone (i.e. amazon), which seems kind-of-too-expensive for what it is, but if you need the features, maybe not.
guerby has joined #openwrt-devel
Tapper has quit [Ping timeout: 480 seconds]
rua has quit [Ping timeout: 480 seconds]
rua has joined #openwrt-devel
victhor has quit [Remote host closed the connection]
rua has quit [Ping timeout: 480 seconds]
rua has joined #openwrt-devel
rua has quit [Ping timeout: 480 seconds]
rua has joined #openwrt-devel
Luke-Jr has quit [Ping timeout: 480 seconds]
goliath has quit [Remote host closed the connection]
danitool has quit [Ping timeout: 480 seconds]
rua has quit [Ping timeout: 480 seconds]
rua has joined #openwrt-devel
Luke-Jr has joined #openwrt-devel
Tapper has joined #openwrt-devel
Tapper has quit [Ping timeout: 480 seconds]
Slimey has quit [Remote host closed the connection]
rmilecki has joined #openwrt-devel
dedeckeh has joined #openwrt-devel
valku has quit [Quit: valku]
nitroshift has joined #openwrt-devel
<hanetzer>
dansan: eyo
srslypascal is now known as Guest8603
srslypascal has joined #openwrt-devel
Guest8603 has quit [Ping timeout: 480 seconds]
indy has quit [Read error: Connection reset by peer]
indy has joined #openwrt-devel
hitech95 has joined #openwrt-devel
danitool has joined #openwrt-devel
pmelange has joined #openwrt-devel
pmelange has left #openwrt-devel [#openwrt-devel]
danitool has quit [Quit: Cubum autem in duos cubos, aut quadratoquadratum in duos quadratoquadratos]
<jow>
anyone here experience with p910nd ?
rua has quit [Ping timeout: 480 seconds]
<Habbie>
jow, not yet, but you have my interest - just yesterday i was wondering if some openwrt box in a corner would be the right thing for my usb printer :)
rua has joined #openwrt-devel
<PaulFertser>
I used it once, iirc it was pretty simple, almost the same as "socat" from tcp to the printer port.
<Habbie>
PaulFertser, yes, looks that way - i'm not even sure why it exists then ;)
<jow>
I am currently looking into a potential security issue
<Habbie>
ouch
<jow>
basically "option device" in the uci configuration can be set to an arbitray path and p910nd, running as root, will happily create or overwrite it in case the target path is not a device node
<hitech95>
oh... thats not good.
<jow>
so far this is not the end of the world since modifying the configuration requires root permissions anyway
<jow>
it becomes a problem though with restricted user permissions, e.g. restricted luci users only allowed to modify /etc/config/p910nd
<jow>
they could indirectly gain root (configure option device /etc/dropbear/authorized_keys, then just print the own pubkey)
<Habbie>
understood
<jow>
so in order to mitigate that I considered two changes
<jow>
1) extend /etc/init.d/p910nd to only accept existing char devices as "option device"
<jow>
2) make p910nd run as restricted user ("lp"?)
<jow>
for 1) I wonder if there's any real world use cases where p910nd's device path would not be a char dev
<jow>
for 2) we likely need to amend the basefiles to add a lp user+group and to make well known print device nodes lp group owned
<Habbie>
i can't immediatelly imagine something for 1), so i'm inclined to say "do it, see who complains?"
<jow>
hmm, yeah I figured. I can't really think of a sane usecase either
<PaulFertser>
Habbie: I think it exists to make standard "lpr" clients happy.
<jow>
odhcpd has a somewhat similar exploit vector
<Habbie>
PaulFertser, oh, right, there's a bit of protocol between lpr and lpd
<jow>
it's option leasetrigger can be set to an arbitrary path and odhcpd will execute it with root permissions
<jow>
at the very least odhcpd should only execute paths that are root owned and not modifiable by group or others
<jow>
this prevents pointing leasetrigger to e.g. a fileshare location where you can subsequent upload arbitrary scripts
<Habbie>
yes, but careful - the history of unix is full of CVEs about race conditions in such checks
<rsalvaterra>
jow: I played with p910nd on my Pi B+, yes.
<rsalvaterra>
And yes, I used it as my print server, with OpenWrt. :)
<PaulFertser>
What if you want to run p910nd on boot but the printer is hot-pluggable USB?
<PaulFertser>
I think in this case 1) will break.
<Habbie>
ah yes
<jow>
I was thinking about that too, yes
<jow>
didn't look at p910nd's code yet
jlsalvador has quit [Ping timeout: 480 seconds]
<jow>
I ssumed it fails on not existing devices and would need a restart in this case anyway
<jow>
but entirely possible that opens/closes the device with each print request
<Habbie>
how about patching p910nd to fstat (after open) and check if it indeed opened a char device?
<Habbie>
then again, i wonder if there are other char devices somebody could use to destroy things
<jow>
possible
jlsalvador has joined #openwrt-devel
<jow>
I guess the only clean mitigation is stop running it as root
<jow>
it appears to do nothing printer specific at all
<Habbie>
oh, port 900x, now i remember - so no
<PaulFertser>
And it opens the char device every time apparently.
<karlp>
cannnn we just change the p910d init script to run socat and call it a day?
<Habbie>
karlp, i was just going to say that
<PaulFertser>
Same concerns about security will apply.
<Habbie>
oh wow, the default /etc/passwd is -really- small
<jow>
you mena on-device or in buildroot?
<Habbie>
on-device
<jow>
yes, it does not preallocate many users
<jow>
many are dynamically allocated on package installation though
<Habbie>
ack
<PaulFertser>
karlp: I can imagine some clients getting confused by socat doing bidir transfers and with p910nd people can workaround that by not enabling bidir.