Patch-ID# 100696-01
Keywords: effective, real, userid, uid, group, rg, su, lpr, lprm, printcap
Synopsis: 4.1.1;4.1.2;4.1.3: lpr and lprm use the real userid rather than the effective userid
Date: 04/Dec/92
 
SunOS release: 4.1.1, 4.1.2, 4.1.3
 
Topic: Jobs are queued with the wrong uid, and checking for restricted groups is wrong.
 
BugId's fixed with this patch:  1048004

Architectures for which this patch is available: sun3(all), sun4(all)

Patches which may conflict with this patch:  

Note: 

Obsoleted by:

Problem Description: 
   lpr and lprm use the real userid instead of the effective userid of
   the user.  This causes files to be queued with the incorrect userid,
   and it also causes incorrect checking of restricted groups (rg=) in
   the /etc/printcap file, which may allow users to queue jobs even
   though they are not members of this restricted group.



INSTALL:

1) Login as root

2) Save copies of existing executables:
   - mv /usr/ucb/lpr /usr/ucb/lpr.fcs
   - mv /usr/ucb/lprm /usr/ucb/lprm.fcs

3) Install new copies of executables:
   - /bin/cp `arch`/{4.1.1;4.1.2;4.1.3}/lpr /usr/ucb/lpr
   - /bin/cp `arch`/{4.1.1;4.1.2;4.1.3}/lprm /usr/ucb/lprm

4) Set ownership and permissions:
   - /etc/chown root.daemon /usr/ucb/lpr /usr/ucb/lprm
   - /bin/chmod 711 /usr/ucb/lpr /usr/ucb/lprm
   - /bin/chmod ug+s /usr/ucb/lpr /usr/ucb/lprm


ADDENDUM :