[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: address@hidden: Bug#538338: groff: pdfroff invokes gs insecurely (wi
|
From: |
Colin Watson |
|
Subject: |
Re: address@hidden: Bug#538338: groff: pdfroff invokes gs insecurely (without -dSAFER)] |
|
Date: |
Sat, 15 Aug 2009 08:59:08 +0100 |
|
User-agent: |
Mutt/1.5.18 (2008-05-17) |
On Sat, Jul 25, 2009 at 09:32:38AM +0100, Colin Watson wrote:
> groff uses -dSAFER elsewhere (pre-html.cpp); is there any reason not to
> do so here?
I'm applying this patch to the Debian package. Please consider it?
=== modified file 'contrib/pdfmark/pdfroff.sh'
--- contrib/pdfmark/pdfroff.sh 2009-08-15 07:55:23 +0000
+++ contrib/pdfmark/pdfroff.sh 2009-08-15 07:57:43 +0000
@@ -600,7 +600,7 @@
$SAY >&2 $n "Writing PDF output ..$c"
if test -z "$PDFROFF_POSTPROCESSOR_COMMAND"
then
- PDFROFF_POSTPROCESSOR_COMMAND="$GS -dQUIET -dBATCH -dNOPAUSE
+ PDFROFF_POSTPROCESSOR_COMMAND="$GS -dQUIET -dBATCH -dNOPAUSE -dSAFER
-sDEVICE=pdfwrite -sOutputFile="${PDF_OUTPUT-"-"}
elif test -n "$PDF_OUTPUT"
Thanks,
--
Colin Watson address@hidden