> only config files in "trusted paths" can be used for external commands etc.
Sounds like we're getting closer to Perl's taint mode. In any case, this is the sort of thing we'd have to depend on kpathsea to provide, right? I don't see that happening in this release.

Yet, not allowing o !lpr -P foo in a configuration file due to security restrictions is disappointing.

Note that dvips *does* use the current directory in most of its search paths, so anyone can drop a config.ps as part of a dvi tarball that will be picked up by dvips. (Which is another issue, since security can be disabled in the config.ps, which is why originally dvips would never let you turn security *off* in config.ps . . .)

Arghhh.

-tom