On Tue, 10 Jul 2001, Foley, Brian (Galway) wrote:
> Yep,
>> There was a similar problem under NeXTStep back in the early 90s with its
> DPS based window system.
>> See
>http://cypherpunks.venona.com/date/1994/12/msg00413.html>http://catless.ncl.ac.uk/Risks/16.56.html>
and exploits existed and were actively propogated... wow.
> Sigh. Just goes to show how far ahead of its time NeXT was :-)
:)
> BTW, assuming GhostScript doesn't already have an option to do this, a way
> around the problem would be to have your mail reader reader run a small bit
> of PS code that redefined the file manipulating operators to do nothing
> before running the EPS attachments.
yep.. what was reassuring was to read in the above RISKS digest that
ghostscript had been changed to default to not allowing the more
dangerous operators.
however, less reassuring, from the same post, is that in PS operators
can be created from other strings. so it would seem to be nearly
impossible to secure PS just by scanning the inputted PS, the
interpreter would have to check constantly while 'running' the PS
script.
wonder whether ghostscript has been refined further security wise
since the above 1994 RISKS digest? ...
what's the postscript for:
echo "you've been postscripted" >> ~/i_could_have_deleted_all_your_files
??
'd love to send to a few people....
--paulj
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
