[11138] in bugtraq
Re: Troff dangerous.
daemon@ATHENA.MIT.EDU (Yozo Toda)
Tue Jul 27 01:17:18 1999
Message-Id: <199907260241.LAA20351@aohakobe.ipc.chiba-u.ac.jp>
Date: Mon, 26 Jul 1999 11:41:36 +0900
Reply-To: Yozo Toda <yozo@AOHAKOBE.IPC.CHIBA-U.AC.JP>
From: Yozo Toda <yozo@AOHAKOBE.IPC.CHIBA-U.AC.JP>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Sun, 25 Jul 1999 17:33:37 JST."
<19990725173337.A2181@hades.chaoz.org>
> A "fix" to the problem would be to introduce a commandswitch for enabling the
> dangerous troff-commands, which is what I personally am going to do anyway..
looking at groff-1.10 and groff-1.11a,
I found -msafer option to DISABLE dangerous commands...
%%%% from "nroff -man $(GROFF)/tmac/msafer.n" %%%%
MSAFER(7) Device and Network Interfaces MSAFER(7)
NAME
msafer - groff -msafer macros
SYNOPSIS
groff -msafer [ options... ] [ files... ]
DESCRIPTION
The -msafer macros remove the open, opena, pso, sy and pi
requests. These macros should be used when processing input
from an untrustworthy source. For maximum safety, they
should be the first -m option on the command-line. Normally
they are invoked using the -S option of groff, which will
also pass gpic the -S flag.
FILES
/opt/gnu/share/groff/tmac/tmac.safer
SEE ALSO
groff(1), gtroff(1), gpic(1)
Groff Version 1.11 Last change: 26 June 1995 1
%%%% %%%%
-- yozo.
