[11134] in bugtraq
Re: Troff dangerous.
daemon@ATHENA.MIT.EDU (Nic Bellamy)
Mon Jul 26 22:32:00 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.9907261025080.18981-100000@router.gnuflat.linux.net.nz>
Date: Mon, 26 Jul 1999 10:42:06 +1200
Reply-To: Nic Bellamy <sky@WIBBLE.NET.INVALID>
From: Nic Bellamy <sky@WIBBLE.NET.INVALID>
X-To: John Robert LoVerso <john@LOVERSO.SOUTHBOROUGH.MA.US>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <199907251418.KAA05569@loverso.southborough.ma.us>
On Sun, 25 Jul 1999, John Robert LoVerso wrote:
> Thus, this affects only systems with groff installed (all Linux and FreeBSD
> systems, at least).
One Linux distribution that doesn't appear to be vulnerable is Debian
(tested on 2.1/slink) - the maintainer of the groff package has made the
-S ("Safer mode") the default, which turns off potentially dangerous
commands like .opena, .pso, etc.
Hopefully this change can make it into the official GNU groff distribution
- as useful as these features may be, I doubt the majority of people use
groff for much more than formatting manpages. Safe defaults are always
good.
I've also checked OpenBSD 2.5 and FreeBSD 3.2 - the groff on both systems
defaults to the unsafe behaviour.
Regards,
Nic.
P.S. My apologies for the From: address mangling - I received far too many
vacation messages and spams last time I posted here.
-- Nic Bellamy <sky@wibble.net.invalid>
J. Random Coder.
