Bug#51586: Please Reopen 51586 ("secure" mode in dvips should be the default)
On Mon, 22 May 2000, Atsuhito Kohda wrote:
> > > It means that if I send someone a DVI file, and they view it with xdvi
> > > it looks ok (because xdvi ignores most \specials) but if I have a
> > > \special that says "rm -rf $HOME", and they go to print it, kaboom.
>
> Then I tried to make patch. It is easy to make '-R' as default
> but I think it needs a bit more.
>
> - '-R' option is already used by magicfilter and perhaps there are
> some who set this personally so '-R' option should be retained as
> it is now.
>
> - So there must be new option which enables the feature that dvips
> can execute shell commands through \special.
> I added '-I' option (I mean 'I'nsecure mode)
>
> - Documents should reflect these changes.
>
> I would like to hear any comments or suggestions.
But how do you run dvips in secure mode by default?
I did not look into dvips, but IMO a better solution is to add an option
in the config file, not on command line (maybe a `R' without argument is
a good candidate). We should ask upstream author, he/she certainly
knows the right way to activate secure mode by default.
Denis
Reply to: