
Re: Cite for print-to-postscript exploit in Mozilla?

On Fri, 09 Jul 2004, Ian Douglas wrote:
> I guess if you really wanted to get fancy you could set up postscript
> rendering as a service in a chrooted jail, so it doesn't really matter if
> anything runs as it will not have access to the OS file system or
> services.

Doesn't just about anything that calls ghostscript pass a -dSAFER to it
nowadays?  The only exploit you should get to do, then, would be reading
any readable file in the system... or making gs hog a lot of CPU/memory,
which is often its normal operational condition anyway ;-)

A chroot jail would be nice anyway, though :)

OTOH, maybe the postscript code in mozilla itself has a security hole.  But
the right thing to do would be to *fix* that instead, not to drop it.

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
