New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

badly behaved if localhost isn't 127.0.0.1 #934

Closed
michaelrsweet opened this Issue Oct 8, 2004 · 3 comments

Comments

Projects
None yet
1 participant
@michaelrsweet
Collaborator

michaelrsweet commented Oct 8, 2004

Version: 1.1.21
CUPS.org User: twaugh.redhat

Original report:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134237

Steps to Reproduce:
1.Have a computer named "localhost" export a printer
2.Try to print to it

Actual results:
Infinite loop...

@michaelrsweet

This comment has been minimized.

Show comment
Hide comment
@michaelrsweet

michaelrsweet Oct 9, 2004

Collaborator

CUPS.org User: kyrsjo.solution-forge

In my case, it happened when i had a machine named "localhost" (it had no DNS) exporting a printer, and i then tried printing to it from a machine named "kyrre". Problem was, that kyrre also had (in its own /etc/hosts) an entry named "localhost", pointing to 127.0.0.1 - as most computers have.

Now think somebody hooking their laptop to the net, calling it localhost, and sharing a printer. Then this person tries to print to the printer from one of the properly configured computers out there - and brings that machine to a halt by using up the CPU cycles and filling the partition /var/spool/cups resides on completely. Now think that that machine he printed from was some kind of shell server with many users logged in... Oops.

What i think would be the correct way to solve this, is to do a sanity check on domain names. IE before you add the printer, do a lookup on the dns name, and see if you get the same IP that sent the name. If not, then dont add the printer using dns name, but ip adress instead.

Collaborator

michaelrsweet commented Oct 9, 2004

CUPS.org User: kyrsjo.solution-forge

In my case, it happened when i had a machine named "localhost" (it had no DNS) exporting a printer, and i then tried printing to it from a machine named "kyrre". Problem was, that kyrre also had (in its own /etc/hosts) an entry named "localhost", pointing to 127.0.0.1 - as most computers have.

Now think somebody hooking their laptop to the net, calling it localhost, and sharing a printer. Then this person tries to print to the printer from one of the properly configured computers out there - and brings that machine to a halt by using up the CPU cycles and filling the partition /var/spool/cups resides on completely. Now think that that machine he printed from was some kind of shell server with many users logged in... Oops.

What i think would be the correct way to solve this, is to do a sanity check on domain names. IE before you add the printer, do a lookup on the dns name, and see if you get the same IP that sent the name. If not, then dont add the printer using dns name, but ip adress instead.

@michaelrsweet

This comment has been minimized.

Show comment
Hide comment
@michaelrsweet

michaelrsweet Oct 9, 2004

Collaborator

CUPS.org User: kyrsjo.solution-forge

And btw (forgot to say in last posting... sorry) that sanity-check would also make cups more user-friendly - you then won't need a DNS server in place or editing of /etc/hosts - just share the printer and it works.

Collaborator

michaelrsweet commented Oct 9, 2004

CUPS.org User: kyrsjo.solution-forge

And btw (forgot to say in last posting... sorry) that sanity-check would also make cups more user-friendly - you then won't need a DNS server in place or editing of /etc/hosts - just share the printer and it works.

@michaelrsweet

This comment has been minimized.

Show comment
Hide comment
@michaelrsweet

michaelrsweet Oct 9, 2004

Collaborator

CUPS.org User: mike

"localhost" is historically defined to be the local lookback interface, so any server whose name is set to "localhost" is not properly configured.

The "ServerName" directive can be configured to use the IP address, and if you use "BrowseAddress @Local" or "BrowseAddress @if(name)", then cupsd will advertise the server's IP address instead of the hostname. The browse address solution is useful when you have dynamically assigned addresses...

Collaborator

michaelrsweet commented Oct 9, 2004

CUPS.org User: mike

"localhost" is historically defined to be the local lookback interface, so any server whose name is set to "localhost" is not properly configured.

The "ServerName" directive can be configured to use the IP address, and if you use "BrowseAddress @Local" or "BrowseAddress @if(name)", then cupsd will advertise the server's IP address instead of the hostname. The browse address solution is useful when you have dynamically assigned addresses...

@michaelrsweet michaelrsweet added this to the Stable milestone Mar 17, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment