[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#39674] [PATCH] enable PostScript backend in Evince
|
From: |
Maxim Cournoyer |
|
Subject: |
[bug#39674] [PATCH] enable PostScript backend in Evince |
|
Date: |
Tue, 22 Oct 2024 23:17:50 +0900 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Hi,
Ludovic Courtès <ludo@gnu.org> writes:
> Hi Nicolò & raingloom!
>
> (+ Cc: guix-security)
>
> Nicolò Balzarotti <anothersms@gmail.com> skribis:
>
>> Thanks!
>>
>> I was wondering why it could not open .eps files! I tested the patch,
>> applies, build and now I can open them. guix size reports +3%
>> (1009.6 -> 1038.0).
>>
>> +1 for merging
>
> I think PostScript support is often disabled by default because of
> security issues: PostScript is a very versatile language and Ghostscript
> has had a series of problems due to its inability to “sandbox”
> PostScript code.
>
> A particularly important issue is thumbnail generation: you could find
> yourself running PostScript code without explicitly opening a file.
>
> FWIW, I resort to gv (or ps2pdf) when I need to open a PostScript that I
> deem trustworthy.
My opinion is that we should enable it. It's advertised as a
supported format [0]; if there was a serious security issue upstream
would probably drop support for it, or at least hide it behind some
configuration warning, and not advertize it.
Debian, known for its security track record, also has it enabled [1].
[0] https://help.gnome.org/users/evince/stable/formats.html.en
[1]
https://salsa.debian.org/gnome-team/evince/-/blob/debian/latest/debian/rules?ref_type=heads#L15
--
Thanks,
Maxim
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug#39674] [PATCH] enable PostScript backend in Evince,
Maxim Cournoyer <=