| 1 |
> > > > I thought CUPS was *the* way to print on Linux. Is there |
| 2 |
> > > > another solution that would work better with Net::Printer? |
| 3 |
> > > |
| 4 |
> > > CUPS is the latest in a long string of different print systems, |
| 5 |
> > > all trying to solve this infernally difficult problem called |
| 6 |
> > > putting dots on the right place on a bit of paper. And all |
| 7 |
> > > systems seem to fail at it. |
| 8 |
> > > |
| 9 |
> > > Admittedly, CUPS is better than most and to my mind best suited |
| 10 |
> > > to modern printing needs. What amuses me is what kind of project |
| 11 |
> > > would recommend you not use CUPS, and what is their reasoning? |
| 12 |
> > |
| 13 |
> > What they've suggested is that using lpr on the remote system and |
| 14 |
> > opening port 631 to the world is a bad idea and that it's much |
| 15 |
> > better to use Net::Printer. Would you agree? |
| 16 |
> |
| 17 |
> I don't know Net::Printer, but if it prints over the network - as the |
| 18 |
> name implies - it has to use a port. So you have to open that port. |
| 19 |
> That's how TCP/IP works. No way around it. |
| 20 |
> |
| 21 |
> Certainly, the organisation you are working in is behind a firewall |
| 22 |
> that allows pretty little from the outside to the inside. (If not so, |
| 23 |
> their network administrator or external consultant or or or should be |
| 24 |
> beaten over his head until he can spell "Bruce Schneier".) So you are |
| 25 |
> *not* opening port 631 to the world. |
| 26 |
> |
| 27 |
> You are certainly opening it to your organisation. I have messed up my |
| 28 |
> CUPS configuration right now and can't look it up for sure but I |
| 29 |
> remember CUPS being able to listen only to certain hosts (IP |
| 30 |
> addresses) other than localhost. If if this is not so, you can still |
| 31 |
> set up a firewall on the client box (the one that is supposed to do |
| 32 |
> the printing) that allows only your server to connect to port 631 on |
| 33 |
> it. |
| 34 |
> |
| 35 |
> If someone then argues about source IP spoofing, just let him. If |
| 36 |
> someone in your organisation is able to do it, make him your network |
| 37 |
> admin. ;-) |
| 38 |
|
| 39 |
You're right, access to the printer can be given only to certain |
| 40 |
hosts. So simply using 'lpr file.pdf' on the remote machine doesn't |
| 41 |
strike you as a bad idea? |
| 42 |
|
| 43 |
- Grant |
| 44 |
-- |
| 45 |
gentoo-user@l.g.o mailing list |
Archives