1 |
> > > > I thought CUPS was *the* way to print on Linux. Is there |
2 |
> > > > another solution that would work better with Net::Printer? |
3 |
> > > |
4 |
> > > CUPS is the latest in a long string of different print systems, |
5 |
> > > all trying to solve this infernally difficult problem called |
6 |
> > > putting dots on the right place on a bit of paper. And all |
7 |
> > > systems seem to fail at it. |
8 |
> > > |
9 |
> > > Admittedly, CUPS is better than most and to my mind best suited |
10 |
> > > to modern printing needs. What amuses me is what kind of project |
11 |
> > > would recommend you not use CUPS, and what is their reasoning? |
12 |
> > |
13 |
> > What they've suggested is that using lpr on the remote system and |
14 |
> > opening port 631 to the world is a bad idea and that it's much |
15 |
> > better to use Net::Printer. Would you agree? |
16 |
> |
17 |
> I don't know Net::Printer, but if it prints over the network - as the |
18 |
> name implies - it has to use a port. So you have to open that port. |
19 |
> That's how TCP/IP works. No way around it. |
20 |
> |
21 |
> Certainly, the organisation you are working in is behind a firewall |
22 |
> that allows pretty little from the outside to the inside. (If not so, |
23 |
> their network administrator or external consultant or or or should be |
24 |
> beaten over his head until he can spell "Bruce Schneier".) So you are |
25 |
> *not* opening port 631 to the world. |
26 |
> |
27 |
> You are certainly opening it to your organisation. I have messed up my |
28 |
> CUPS configuration right now and can't look it up for sure but I |
29 |
> remember CUPS being able to listen only to certain hosts (IP |
30 |
> addresses) other than localhost. If if this is not so, you can still |
31 |
> set up a firewall on the client box (the one that is supposed to do |
32 |
> the printing) that allows only your server to connect to port 631 on |
33 |
> it. |
34 |
> |
35 |
> If someone then argues about source IP spoofing, just let him. If |
36 |
> someone in your organisation is able to do it, make him your network |
37 |
> admin. ;-) |
38 |
|
39 |
You're right, access to the printer can be given only to certain |
40 |
hosts. So simply using 'lpr file.pdf' on the remote machine doesn't |
41 |
strike you as a bad idea? |
42 |
|
43 |
- Grant |
44 |
-- |
45 |
gentoo-user@l.g.o mailing list |