Update the default policy for the Set-Printer-Attributes operation as admin.

Author: michaelrsweet

CHANGES.md

@@ -94,6 +94,8 @@ v2.5b1 - YYYY-MM-DD
   returns "localhost" for a non-loopback address.
 - Updated the IPP Everywhere PPD generator to support "job-presets-supported"
   pairs for custom boolean, integer, and keyword attributes.
+- Updated the default "cups.conf" policies to specify the Set-Printer-Attributes
+  operation as an administrative operation.
 - Deprecated the "page-border" Job Template attribute (Issue #1020)
 - Removed the `cups-config` utility (use `pkg-config` instead)
 - Fixed use-after-free in `cupsdAcceptClient()` when we log warning during error

conf/cupsd.conf.in

@@ -80,7 +80,7 @@ WebInterface @CUPS_WEBIF@
   </Limit>
 
   # All administration operations require an administrator to authenticate...
-  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
+  <Limit Set-Printer-Attributes CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
     AuthType Default
     Require user @SYSTEM
     Order deny,allow
@@ -131,7 +131,7 @@ WebInterface @CUPS_WEBIF@
   </Limit>
 
   # All administration operations require an administrator to authenticate...
-  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
+  <Limit Set-Printer-Attributes CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
     AuthType Default
     Require user @SYSTEM
     Order deny,allow
@@ -177,7 +177,7 @@ WebInterface @CUPS_WEBIF@
   </Limit>
 
   # All administration operations require an administrator to authenticate...
-  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
+  <Limit Set-Printer-Attributes CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
     AuthType Default
     Require user @SYSTEM
     Order deny,allow

scheduler/conf.c

@@ -4472,9 +4472,9 @@ set_policy_defaults(cupsd_policy_t *pol)/* I - Policy */
 
 
  /*
-  * Verify that we have an explicit policy for Validate-Job, Cancel-Jobs,
-  * Cancel-My-Jobs, Close-Job, and CUPS-Get-Document, which ensures that
-  * upgrades do not introduce new security issues...
+  * Verify that we have an explicit policy for Cancel-Jobs, Cancel-My-Jobs,
+  * Close-Job, CUPS-Get-Document, Set-Printer-Attributes, and Validate-Job,
+  * which ensures that upgrades do not introduce new security issues...
   *
   * CUPS STR #4659: Allow a lone <Limit All> policy.
   */
@@ -4575,6 +4575,25 @@ set_policy_defaults(cupsd_policy_t *pol)/* I - Policy */
       else
 	cupsdLogMessage(CUPSD_LOG_WARN, "No limit for CUPS-Get-Document defined in policy %s and no suitable template found.", pol->name);
     }
+
+    if ((op = cupsdFindPolicyOp(pol, IPP_OP_SET_PRINTER_ATTRIBUTES)) == NULL ||
+	op->op == IPP_ANY_OPERATION)
+    {
+      if ((op = cupsdFindPolicyOp(pol, IPP_OP_CUPS_ADD_MODIFY_PRINTER)) != NULL &&
+	  op->op != IPP_ANY_OPERATION)
+      {
+       /*
+	* Add a new limit for Set-Printer-Attributes using the
+	* CUPS-Add-Modify-Printer limit as a template...
+	*/
+
+	cupsdLogMessage(CUPSD_LOG_WARN, "No limit for Set-Printer-Attributes defined in policy %s - using CUPS-Add-Modify-Printer's policy.", pol->name);
+
+	cupsdAddPolicyOp(pol, op, IPP_OP_SET_PRINTER_ATTRIBUTES);
+      }
+      else
+	cupsdLogMessage(CUPSD_LOG_WARN, "No limit for Set-Printer-Attributes defined in policy %s and no suitable template found.", pol->name);
+    }
   }
 
  /*