7

Password leaks , printing from Linux client to windows based print server

When authenticating Linux users for using a windows share printer on their machine, the windows domain user-name and password of the user has to be entered in the add new printer wizard.

While troubleshooting a printing issue for a user , I came to know that these credentials are stored as plain text on the Linux client in printer configuration file.

Although this file , and the data in it , is user specific , but it is readable by root. Is it a good practice that the root is seeing all the windows domain credentials of all the users who authenticate to windows print server from their Linux client through their windows account? ( the user-name and password is clearly in plain text ( if there are no special characters in it) in that printer configuration file (/etc/cups/printers.conf), in my case , the Linux client is centos6)

And what if the users are using those same credentials for logging in into some other services , such as facebook , gmail , etc

Ijaz Ahmad
  • 1,592
  • 1
  • 11
  • 20
  • 1
    This sounds like a critical security issue. What version of cups is installed? It might also be worthwhile raising it with the devs directly. I believe their site is cups.org – 16b7195abb140a3929bbc322d1c6f1 Jan 01 '16 at 11:10
  • 4
    In centos documentation you will see this warning: Samba printer usernames and passwords are stored as unencrypted files readable by root and lpd. Thus, other users that have root access to the printer server can view the user-name and password you use to access the Samba printer. , it means they already know it , but normal users don’t know this , centos may consider it normal for root to read passwords , but it seems to me such a huge security issue – Ijaz Ahmad Jan 01 '16 at 12:45
  • This is a huge problem. Not really sure why it hasn't been addressed. Found another reference in the LPIC-1 Cert Study Guide - https://books.google.com.au/books?id=sv3zBgAAQBAJ&pg=PA330&lpg=PA330&dq=samba+printer+usernames+unencrypted+linux&source=bl&ots=d88_pGSeIY&sig=_zUbxCncDUvmVAFUao2AqyVIK0Y&hl=en&sa=X&redir_esc=y#v=onepage&q=samba%20printer%20usernames%20unencrypted%20linux&f=false – 16b7195abb140a3929bbc322d1c6f1 Jan 01 '16 at 13:02
  • Yes , i was able to see the passwords of many users , but i informed them to change thier passwords and dont use printer share from linux client , (they have to use their domain credentials because the printing quota is bound to that account) – Ijaz Ahmad Jan 01 '16 at 13:14
  • 2
    I'd say there is nothing to worry about. For the machine to use the printer the password should be there somewhere, and it is normal that root could access it. On Windows you could read it as well, I'm pretty sure it's loaded into memory whenever you're printing, so just read it from memory directly. – André Borie Jan 01 '16 at 13:23

1 Answers1

1

I really don't feel this is a problem and I will explain you why. If anybody got root access they could just sniff the traffic so every time anybody tries to authenticate the attacker can grab the hash of the password.

If anyone gets root access they can start arp spoffing DNS spoofing spoofing spoofing, which makes your network if compromised even more compromised.

If anyone gets root access they can log the keystrokes /events /everything going on

*nix users tend to have the most updated version of common sense

Somebody with system on an windows system got the same amount of access.

Worrying about someone reading a clear text password for an account with lover privileges, when they got root, is like worrying about a crack in the floor when the building is crumbling around you

What you should worry about is people getting root ;)

Stay safe

Storm Kavlie
  • 111
  • 5
  • 1
    The question is why root on linux should be able to see the active directory credentials of all users that authenticate to printers. this should never be allowed. The passwords should not be stored and only be passed encrypted on wire/lan. – Ijaz Ahmad Feb 22 '18 at 20:13