Bug#414002: [gs-common] Retag FTBS
severity 414002 normal
found 414002 ghostscript/8.71~dfsg2-6
quit
Bastien ROUCARIES wrote:
> texlive-pstricks pdf documentation of pst-geo could not build from
> source. And even viewed.
> But you could regress this bug since we have the already built
> documentation on the tar.bz2
Ah, so you mean the upstream TeXLive pstricks package is another
testcase, rather than that some Debian package such as texlive-extra
is failing to build from source.
Ok, lowering severity. Do you know what was the intent of the checks
preventing inclusion of files from ../ introduced around 4 years ago
that Ralf Stubner mentioned? In modern gs, they seem to be enabled
by -dSAFER, despite not having anything to do with the description in
the manpage:
-dSAFER
Disables the "deletefile" and "renamefile" operators
and the ability to open files in any mode other than
read-only. This strongly recommended for spoolers,
conversion scripts or other sensitive environments
where a badly written or malicious PostScript program
code must be prevented from changing important files.
By contrast with bug#618530, this ".." check kicks in even for "gs -P".
That is:
mkdir subdir
man -t ls >ls.ps
echo '(ls.ps) run' | gs; # displays manpage.
echo '(ls.ps) run' | gs -dSAFER; # fails.
echo '(ls.ps) run' | gs -P -dSAFER; # displays manpage.
cd subdir
echo '(../ls.ps) run' | gs; # displays manpage.
echo '(../ls.ps) run' | gs -dSAFER; # fails.
echo '(../ls.ps) run' | gs -P -dSAFER; # fails.
Reply to: