2001-04-22 Henning Meier-Geinitz <henning@meier-geinitz.de>

* PROBLEMS: Point to pnm/saned security risks. * TODO: Removed the entries about epson usb mis-detection and check for installed sane versions. * configure configure.in backend/Makefile.in: Added detection of older versions of SANE. The pnm backend is now disabled by default. * backend/dll.c backend/dll.desc: Fixed file descriptor leak (found by Douglas Gilbert). New version: 1.0.2. * backend/net.desc: Added Jochen Eisinger's email address as contact for the net backend. * doc/sane-pnm.man: Point to pnm/saned security risks.
2001-04-22 20:01:30 +00:00 · 2001-04-22 20:01:30 +00:00 · c7366e2d3c
commit c7366e2d3c
--- a/10
+++ b/10
@ -57,3 +57,13 @@ Last update: Sun Nov 12 16:47:01 CET 2000
 		cp -a /usr/src/linux/include/scsi /usr/include

 	should fix this problem.
+
+- Security problems with pnm
+        If the pnm backend is installed and saned is used to allow users on
+        remote computers to scan on the local machine, pnm files can be read by
+	the remote user. This is limited to the files saned can access (usually
+        it's running as user "sane"). All pnm files can be read if saned runs
+        as root which isn't recommended anyway. The pnm backend is disabled
+        by default. If you want to use it, enable it with configure (see 
+        configure --help for details). Be sure that only trusted users can
+	access the pnm backend over saned.
--- a/backend/Makefile.in
+++ b/backend/Makefile.in
@ -54,7 +54,7 @@ COMPILE = $(CC) -c $(CFLAGS) $(DEFS) $(INCLUDES) $(CPPFLAGS)

 PRELOADABLE_BACKENDS = abaton agfafocus apple artec as6e avision bh canon \
        coolscan dc25 @DC210@ @DC240@ dmc epson hp m3096g microtek microtek2 \
-	mustek mustek_pp nec @NET@ pie @PINT@ plustek pnm @QCAM@ ricoh s9036 \
+	mustek mustek_pp nec @NET@ pie @PINT@ plustek @PNM@ @QCAM@ ricoh s9036 \
 	sharp snapscan sp15c st400 tamarack umax @V4L@
 ALL_BACKENDS = $(PRELOADABLE_BACKENDS) dll

--- a/backend/dll.c
+++ b/backend/dll.c
@ -44,7 +44,7 @@

 /* Please increase version number with every change 
   (don't forget to update dll.desc) */
-#define DLL_VERSION "1.0.1"
+#define DLL_VERSION "1.0.2"

 #ifdef _AIX
 # include "lalloca.h"   /* MUST come first for AIX! */
@ -316,6 +316,7 @@ load (struct backend *be)
          libname, strerror (errno));
      return SANE_STATUS_INVAL;
    }
+  fclose (fp);
  DBG(2, "load: dlopen()ing `%s'\n", libname);

 #ifdef HAVE_DLOPEN
@ -520,6 +521,9 @@ sane_init (SANE_Int * version_code, SANE_Auth_Callback authorize)
      first_backend = &preloaded_backends[i];
    }

+  /* Return the version number of the sane-backends package to allow
+     the frontend to print them. This is done only for net and dll,
+     because these backends are usually called by the frontend. */
  if (version_code)
    *version_code = SANE_VERSION_CODE (SANE_DLL_V_MAJOR, SANE_DLL_V_MINOR,
 				       SANE_DLL_V_BUILD);
--- a/backend/dll.desc
+++ b/backend/dll.desc
@ -1,5 +1,5 @@
 :backend "dll"               ; name of backend
-:version "1.0.1"
+:version "1.0.2"
 :status :beta
 :manpage "sane-dll"

--- a/backend/net.desc
+++ b/backend/net.desc
@ -2,6 +2,7 @@
 :version "1.0.1"
 :status :beta
 :manpage "sane-net"
+:url "mailto:jochen.eisinger@gmx.net"

 :devicetype :meta
 :desc "Network access to saned servers"
--- a/doc/sane-pnm.man
+++ b/doc/sane-pnm.man
@ -1,4 +1,4 @@
-.TH sane-pnm 5 "21 April 1997"
+.TH sane-pnm 5 "22 April 2001"
 .IX sane-pnm
 .SH NAME
 sane-pnm - SANE PNM image reader pseudo-backend
@ -8,7 +8,7 @@ The
 library implements a SANE (Scanner Access Now Easy) backend that
 provides access to PNM (Portable aNyMap files, which covers PBM bitmap
 files, PGM grayscale files, and PPM pixmap files).  The purpose of
-this backend is primarly to aide in debugging of SANE frontends.  It
+this backend is primarly to aid in debugging of SANE frontends.  It
 also serves as an illustrative example of a minimal SANE backend.
 .SH "DEVICE NAMES"
 This backend provides two devices called
@ -32,5 +32,13 @@ If the library was compiled with debug support enabled, this
 environment variable controls the debug level for this backend.  E.g.,
 a value of 128 requests all debug output to be printed.  Smaller
 levels reduce verbosity.
+.SH BUGS
+If the pnm backend is installed and saned is used to allow users on remote
+computers to scan on the local machine, pnm files can be read by the remote
+user. This is limited to the files saned can access (usually it's running as
+user "sane"). All pnm files can be read if saned runs as root which isn't
+recommended anyway. The pnm backend is disabled by default. If you want to use
+it, enable it with configure (see configure --help for details). Be sure that
+only trusted users can access the pnm backend over saned.
 .SH AUTHOR
 Andreas Beck, Gordon Matzigkeit, and David Mosberger