Hi, I just noticed this thread ...
> Now, a specific switch passed onto ghostscript needs to be used to fix > the issue. > > From the gs man page: > > -dSAFER > Disables the "deletefile" and "renamefile" operators and > the ability to open files in any mode other than > read-only. This is desirable for spoolers or any other > environments where a malicious or badly written > PostScript program must be prevented from changing > important files. > > This is what he is spouting about, I think. Yep, that's one of the four issues, meanwhile bug #262402: | "File operations" refers to the postscript program that is executed by | ghostscript here. Something along the lines of -dSAFER is needed to | make this safe, however I'm not sure as to which options are needed. | Maybe, it can't be made safe at all if gs is run as root. -dSAFER probably is much better than nothing, but are you sure that it's sufficient? Isn't it still possible to read arbitrary files with root privileges? Cya, Florian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
