On Tue, Jun 01, 2010 at 06:32:56PM +0200, Vincent Danjean wrote: > Perhaps, gs should have these options enabled by default (and provide other > options to disable them if needed) instead of requiring to modify all > programs. It would secure home-made scripts, too.
I agree. I've found (and reported) a couple of cases where people calling gs did not use -dSAFER and as a result opened up an attack by malicious documents that could delete files. In general, there's no need to be able to manipulate files from within most PostScript documents. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
