[PyKota] [URGENT] Hardware accounting bypass

[Jerome Alet]

Hi there,

Due to a severe misdesign in a change added last January to PyKota's 
hardware accounting code, there's a way to bypass hardware accounting 
entirely without needing any access to a PyKota print server. 

MoDax has just reported a simple way for any user, even stupid ones, 
to bypass PyKota's SNMP and PJL accounting and print for free. 

There's an immediate temporary workaround as described below :

Until the bug is fixed, which I hope will be later in the evening
or tomorrow, YOU ARE STRONGLY ADVISED to use software accounting
instead of hardware accounting on ALL your printers.

To do so, in pykota.conf's [global] section ensure that a single
line like this one is present :

--- CUT ---
accounter: software()
--- CUT ---

Then in pykota.conf, in ALL [printqueuename] sections, comment out 
ALL 'accounter' lines which use any variation of 'hardware(snmp)' or 
'hardware(pjl)', by preprending each matching line with '#' like this :

--- CUT ---
# accounter: hardware(snmp)
# accounter: hardware(pjl)
--- CUT ---

Please wait for another message on this matter announcing a bug
resolution before using hardware accounting again.

Until the bug is fixed I won't give any more detail publicly, to
take care of some students ;-)

Sorry for the inconvenience.

bye

Jerome Alet