Package: ghostscript Version: 8.62.dfsg.1-3.2 Severity: grave Tags: security
This is a different issue than ghostscript defaulting -P and not -P-, for which I'll file an other bug report. Ghostscript does not honor -P- for postscript system libraries. As gs_init.ps is such an file that is also responsible for all -dSAFER options, having such a file in the current directory means the contents of that file are executed with full privileges. $ ls doh ls: cannot access doh: No such file or directory $ cat gs_init.ps 862 (doh) (w) file $ /usr/bin/gs -P- -dSAFER $ ls doh doh (Note that for different versions of gs you need to change the number in the first line). See also http://bugs.ghostscript.com/show_bug.cgi?id=691350 and http://www.openwall.com/lists/oss-security/2010/05/29/2 Bernhard R. Link -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
