svgalib/ghostscript

To: joost@rulcmc.leidenuniv.nl (joost witteveen)
Cc: debian-devel@lists.debian.org
Subject: svgalib/ghostscript
From: Richard Kettlewell <richard@elmail.co.uk>
Date: Tue, 28 May 96 11:16:28 +0100 (BST)
Message-id: <[🔎] 8NGJ9Z3U3@muskogee.elmail.co.uk>

There was some discussion earlier this month about the way in which
ghostscript becomes horribly insecure when svgalib support is added.
I proposed an alteration but as my system was half way through an ELF
upgrade I wasn't able to conveniently test it; and work suddenly
filled all my free time for a couple of weeks.

I believe that my home machine is now back in a state where I can test
my suggestions - time permitting I'll have some answers sometime this
week.

Having thought about it a bit, if it doesn't prove convenient for gs
to support svgalib _and_ remain secure, how does the idea of a
separate gs-svgalib binary sound?  It would be setuid and support only
the svgalib driver.

- Richard

-- 
http://www.elmail.co.uk/staff/richard/
GCS d- s+:- a-- C++ ULVS+++$ P+++ L++ E++ W(++,--) N(++,+) o? K w---
O? M- V? PS(+,+++) PE Y+ PGP+ t- 5++ X+@ R tv--- b++>++++ DI+ D+ G e++
h r% y++

Reply to:

Prev by Date: Re: slang library issues
Next by Date: Bug#3137: pdksh is in /bin
Previous by thread: Uploaded: bind-4.9.3-P1-3
Next by thread: pcmcia-cs-2.8.15-2
Index(es):
- Date
- Thread