File cups-1.5-additional_policies.patch of Package cups
--- conf/cupsd.conf.in.orig 2010-12-09 22:24:51.000000000 +0100
+++ conf/cupsd.conf.in 2011-10-05 13:51:39.000000000 +0200
@@ -138,3 +138,25 @@ WebInterface @CUPS_WEBIF@
# End of "$Id: cupsd.conf.in 9407 2010-12-09 21:24:51Z mike $".
+# The policy below is added by SUSE during build of our cups package.
+# The policy 'allowallforanybody' is totally open and insecure and therefore
+# it can only be used within an internal network where only trused users exist
+# and where the cupsd is not accessible at all from any external host, see
+# Have in mind that any user who is allowed to do printer admin tasks
+# can change the print queues as he likes - e.g. send copies of confidental
+# print jobs from an internal network to any external destination, see
+# For documentation regarding 'Managing Operation Policies' see
+ <Limit All>
+ Order deny,allow
+ Allow from all
+# Explicitly set the CUPS 'default' policy to be used by default:
+# End of additions by SUSE.