Your message dated Sun, 21 Nov 2010 07:51:58 +0100
with message-id <20101121065158.gk12...@jones.dk>
and subject line Re: Bug#584663: Bug#584653: Patch to close CVE-2010-2055
has caused the Debian Bug report #584663,
regarding ghostscript: insecure defaults for path searching
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
584663: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584663
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ghostscript
Version: 8.62.dfsg.1-3.2
Severity: grave
Tags: security
Ghostscript defaults to -P, that is to look for all files in the
current directory first. As this means that especially gs_init.ps
which is responsible for all security measures like honoring -dSAFER
can be replaced by a file in the local directory, it is relatively
easy to cause harm this way.
One can argue that every gs user should get this right, but given
that most don't (not even gs' helper scripts, I'll file a different
bug report about that), I really think the default should change.
See http://bugs.ghostscript.com/show_bug.cgi?id=691339 for upstream's
opinion.
For testing note that due to http://bugs.debian.org/584653
-P- has no effect on gs_init.ps, so programs calling gs will even
be insecure if they are "fixed" to use -P-.
Bernhard R. Link
--- End Message ---
--- Begin Message ---
Version: 9.00~dfsg-1
Hi Paul,
On Sun, Nov 21, 2010 at 05:34:24PM +1100, paul.sz...@sydney.edu.au wrote:
>> Do you mean to say that bug#584663 is closed too with upstream
>> release 9.00?
>
> Yes. Compare the outputs of commands (sorry long lines, may wrap):
>
> strace -o x.out /usr/bin/gs -P- x.ps >/dev/null 2>&1; grep -E '^(open|stat|access)' x.out | grep -E -v '"/(usr|etc|var|lib)/'
>
> strace -o x.out /usr/bin/gs x.ps >/dev/null 2>&1; grep -E '^(open|stat|access)' x.out | grep -E -v '"/(usr|etc|var|lib)/'
>
> strace -o x.out /usr/bin/gs -P x.ps >/dev/null 2>&1; grep -E '^(open|stat|access)' x.out | grep -E -v '"/(usr|etc|var|lib)/'
>
> The first two are identical: attempt to load various things from
> "proper" places only, not current dir.
Thanks a lot for your detailed response.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
--- End Message ---
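The strace pipeline quoted in the second message is the practical check for the first message's concern: after running gs under strace, every open/stat/access that is not under /usr, /etc, /var or /lib is a lookup in the "wrong" place, and a hit on gs_init.ps there means the file that implements -dSAFER could have been supplied by the working directory. The script below is an added example, written for this page and not taken from the bug thread, from Ghostscript or from Debian's packaging. It parses strace lines of that shape and reports the lookups outside the trusted prefixes, marking the ones that name a security-relevant resource. The strace lines, the working directory /home/user/work and the resource names other than gs_init.ps (gs_fonts.ps, Fontmap) are constructed or assumed for illustration.

```python
"""Triage strace output for Ghostscript resource lookups outside the
system library directories (added example, not code from the bug thread).

Constructed sample input below; real input is the x.out file written by
the strace command shown in the thread."""
import re

# Same prefixes the thread's "grep -E -v" pattern treats as proper places.
TRUSTED_PREFIXES = ("/usr/", "/etc/", "/var/", "/lib/")

# gs_init.ps is the file the bug report names as implementing -dSAFER.
# The other two names are assumed-typical Ghostscript library files and
# are only illustrative.
SENSITIVE_RESOURCES = {"gs_init.ps", "gs_fonts.ps", "Fontmap"}

# Matches e.g.  open("gs_init.ps", O_RDONLY) = 4
#               openat(AT_FDCWD, "x.ps", O_RDONLY) = 5
#               stat("Fontmap", 0x7ffd1b2c0) = -1 ENOENT (...)
STRACE_RE = re.compile(
    r'^(?P<call>openat|open|stat|access)\((?:AT_FDCWD, )?"(?P<path>[^"]*)"'
)


def parse_strace_line(line):
    """Return {"call", "path"} for a file-lookup syscall line, else None."""
    m = STRACE_RE.match(line)
    if m is None:
        return None
    return {"call": m.group("call"), "path": m.group("path")}


def find_untrusted_lookups(lines, cwd="/home/user/work", ignore=frozenset()):
    """List every lookup that resolves outside TRUSTED_PREFIXES.

    Relative paths are resolved against cwd (the directory gs was started
    in, which is what -P searches first).  Names in `ignore` (such as the
    input document itself) are skipped so only unexpected lookups remain.
    """
    findings = []
    cwd = cwd.rstrip("/")
    for line in lines:
        rec = parse_strace_line(line)
        if rec is None:
            continue
        path = rec["path"]
        full = path if path.startswith("/") else f"{cwd}/{path}"
        if full.startswith(TRUSTED_PREFIXES):
            continue
        name = full.rsplit("/", 1)[-1]
        if name in ignore:
            continue
        findings.append({
            "call": rec["call"],
            "path": full,
            "sensitive": name in SENSITIVE_RESOURCES,
        })
    return findings


# Constructed sample: what a run WITHOUT -P- might look like when the
# working directory is consulted before the system library directory.
SAMPLE_DEFAULT_P = [
    'execve("/usr/bin/gs", ["gs", "x.ps"], [/* 20 vars */]) = 0',
    'open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3',
    'open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3',
    'stat("gs_init.ps", {st_mode=S_IFREG|0644, st_size=2048, ...}) = 0',
    'open("gs_init.ps", O_RDONLY) = 4',
    'stat("Fontmap", 0x7ffd1b2c0) = -1 ENOENT (No such file or directory)',
    'openat(AT_FDCWD, "x.ps", O_RDONLY) = 5',
    'access("/usr/share/ghostscript/9.00/lib/gs_init.ps", R_OK) = 0',
]

# Constructed sample: a run where only the system library directory is
# used, apart from the input document itself.
SAMPLE_WITH_P_MINUS = [
    'open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3',
    'open("/usr/share/ghostscript/9.00/lib/gs_init.ps", O_RDONLY) = 4',
    'access("/usr/share/ghostscript/9.00/lib/Fontmap", R_OK) = 0',
    'openat(AT_FDCWD, "x.ps", O_RDONLY) = 5',
]


def main():
    for label, lines in (("default -P", SAMPLE_DEFAULT_P),
                         ("-P-", SAMPLE_WITH_P_MINUS)):
        found = find_untrusted_lookups(lines, ignore={"x.ps"})
        print(f"{label}: {len(found)} lookup(s) outside trusted prefixes")
        for f in found:
            flag = "SENSITIVE" if f["sensitive"] else "-"
            print(f"  {f['call']:7} {f['path']}  {flag}")


if __name__ == "__main__":
    main()
```

On a real trace, call `find_untrusted_lookups(open("x.out").read().splitlines(), cwd=os.getcwd(), ignore={"x.ps"})` with the x.out produced by the thread's strace command; an empty result for the run without -P- is the condition Paul's comparison relies on, and any entry marked SENSITIVE is a resource that the working directory could have substituted.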