| New User, Welcome! Login |
Re: Ghostscript 8.64 executes random code at startup
| From: |
paul szabo sydney edu au |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
Re: Ghostscript 8.64 executes random code at startup |
| Date: |
Wed - May 26, 2010 05:30 PM |
The ghostscript people in
http://bugs.ghostscript.com/show_bug.cgi?id=691339
told me to use the -P- switch, and marked it "RESOLVED WONTFIX".
I guess -P- should be the default, as well as -dSAFER should be.
The way gv invokes gs is "wrong". For example, using command
gv /tmp/any.ps
will do:
chdir("/tmp/")
execve(..., "gs", ... "-dSAFER", ... "any.ps", ...)
So gv is careful to use -dSAFER but does not know about -P-.
I notified
bug-gv@gnu.org
about this, see
http://bugs.debian.org/583316
also.
Cheers, Paul
Paul Szabo psz@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
