
Bug#392586: tetex-bin: Insecure $ENV{PATH} while running setuid at /usr/bin/epstopdf line 211.

On Thu, 12 Oct 2006, Ralf Stubner wrote:
> > Solution was to add the line
> > $ENV{"PATH"}    = "/usr/bin:/usr/sbin:/bin:/usr/bin";
> > in /usr/bin/epstopdf.
> Do I understand you correctly that you are calling epstopdf from some
> other program? I don't understand why it should be epstopdf's business
> to care for a secure environment then. After all, epstopdf is a program
> for general use and I might want to use it with a ghostscript binary
> outside the above list of directories. This would be needlessly
> difficult after such a change. IMO the calling program should set up
> PATH in a secure way.

Seconded. I think we can close this bug.

Best wishes


Dr. Norbert Preining <preining@logic.at>                    Università di Siena
Debian Developer <preining@debian.org>                         Debian TeX Group
gpg DSA: 0x09C5B094      fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
SWANAGE (pl.n.)
Swanage is the series of diversionary tactics used when trying to
cover up the existence of a glossop (q.v.) and may include (a)
uttering a high-pitched laugh and pointing out of the window (NB. this
doesn't work more than twice); (b) sneezing as loudly as possible and
wiping the glossop off the table in the same movement as whipping out
your handkerchief; (c) saying 'Christ! I seem to have dropped some
shit on your table' (very unwise); (d) saying 'Christ, who did that?'
(better) (e) pressing your elbow on the glossop itself and working
your arms slowly to the edge of the table; (f) leaving the glossop
where it is but moving a plate over it and putting up with sitting at
an uncomfortable angle the rest of the meal; or, if the glossop is in
too exposed a position, (g) leaving it there unremarked except for the
occasional humorous glance.
			--- Douglas Adams, The Meaning of Liff
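
One way a calling program can prepare the environment itself, as an added example (not code from this thread or from tetex-bin): a hypothetical setuid Perl caller fixes PATH, untaints its file arguments, and gives up its elevated IDs before exec'ing /usr/bin/epstopdf. The directory list, the file-name policy and the clean_name helper are assumptions.

```perl
#!/usr/bin/perl -T
# Hypothetical setuid caller of epstopdf (added example; names are assumptions).
use strict;
use warnings;
use POSIX qw(setuid setgid);

# Fixed search path for this process and its children. The directories are
# an assumption: list the ones that hold the ghostscript binary you want.
$ENV{PATH} = '/usr/bin:/bin';
# Variables perlsec names as influencing the shell; remove them as well.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Untaint a relative file name. No component may start with '/', '-' or '.',
# so absolute paths, option-like names and '..' are all rejected.
sub clean_name {
    my ($name, $ext) = @_;
    my $part = qr/[A-Za-z0-9_][A-Za-z0-9_.-]*/;
    return $1
        if defined $name && $name =~ m{\A((?:$part/)*$part\.$ext)\z};
    die "refusing file name (expected a relative *.$ext path)\n";
}

my $eps = clean_name($ARGV[0], 'eps');
my $pdf = clean_name($ARGV[1], 'pdf');

defined(my $pid = fork()) or die "fork: $!\n";
if ($pid == 0) {
    # Child: epstopdf is itself a Perl script. perl switches on taint mode
    # whenever real and effective IDs differ and treats every inherited
    # environment variable as tainted, so a fixed PATH alone still ends in
    # "Insecure $ENV{PATH}" inside epstopdf. Return to the invoking user's
    # IDs first (group before user), then exec.
    my $rgid = $( + 0;    # first number in $( is the real gid
    my $ruid = $<;
    setgid($rgid) or die "setgid: $!\n";
    setuid($ruid) or die "setuid: $!\n";
    # List form with an explicit program path: no shell, no PATH lookup here.
    exec { '/usr/bin/epstopdf' } 'epstopdf', "--outfile=$pdf", $eps
        or die "exec epstopdf: $!\n";
}
waitpid($pid, 0);
exit($? == 0 ? 0 : 1);
```

epstopdf then looks up ghostscript through the fixed PATH, and a user who needs a ghostscript binary elsewhere changes the caller's directory list rather than epstopdf.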
