Bug#414002: ghostscript: cannot open OutputFile if -dSAFER specified with piped or interactive input
- To: 414002@bugs.debian.org
- Subject: Bug#414002: ghostscript: cannot open OutputFile if -dSAFER specified with piped or interactive input
- From: Jonathan Nieder <jrnieder@gmail.com>
- Date: Wed, 20 Apr 2011 21:01:13 -0500
- Message-id: <[🔎] 20110421020112.GA25723@elie>
- Reply-to: Jonathan Nieder <jrnieder@gmail.com>, 414002@bugs.debian.org
- In-reply-to: <20110320103051.GA15794@elie>
- References: <20110316011249.30633.99171.reportbug@pindar.greenhouse> <20110316013633.GA9882@elie> <AANLkTi==rfL1dyYEc3gMs8AJ=3ReOCMqu8PsnubM0eTw@mail.gmail.com> <20110320103051.GA15794@elie>
found 414002 ghostscript/9.02~dfsg-1
tags 414002 + upstream
retitle 414002 gs -dSAFER: /invalidfileaccess with "run" operator
quit
Jonathan Nieder wrote:
> Confirmed: with version 8.71~dfsg2-6.1 running
>
> man -t ls >ls.1
> echo '(ls.ps) run' | ghostscript -dSAFER
>
> fails with /invalidfileaccess, while with 8.71~dfsg2-6 it succeeds (and if
> ghostscript-x is installed, renders the manpage). This has nothing to do
> with OutputFile, piped input, or relative paths --- something[1] has changed
> to make innocuous _reads_ break with -dSAFER.
The above should say ">ls.ps", not ">ls.1", of course. Sorry for the
nonsense.
> Michael, any hints?
Since the change is upstream, I can stop blaming Michael.
This bisects to r11494 (Dont't search for initialization files in the
current directory first; also revert rev. 11468, 2010-07-07), which
has description
commit 35d24ae5fea94cf4f6bb2983967e0ab9b020bbd0
Author: Alex Cherepanov <alex.cherepanov@artifex.com>
Date: Wed Jul 7 17:47:09 2010 +0000
Dont't search for initialization files in the current directory first
by default because this leads to well-known security and confusion problems.
Do this only on the user's request by -P switch. Also revert rev. 11468,
which is no longer needed. Bug 691350.
Changing
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
# and confusion problems, but may be convenient sometimes.
SEARCH_HERE_FIRST=0
to 1 and rebuilding seems to get it working again. So it looks like
SEARCH_HERE_FIRST affects more than it's designed to; not sure where
to look next (I guess this should be forwarded to ghostscript
bugzilla).
Reply to: