[33332] in bugtraq
Re: vulnerabilities of postscript printers
daemon@ATHENA.MIT.EDU (Georg Lutz)
Mon Feb 2 23:08:43 2004
Date: Wed, 28 Jan 2004 17:43:41 +0100
From: Georg Lutz <glist@gmx.net>
To: bugtraq@securityfocus.com
Message-ID: <20040128164341.GA1987@ercws053.vaih.whnetz>
Mail-Followup-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
In-Reply-To: <16401.57050.33561.497185@cerise.nosuchdomain.co.uk>
On 2004-01-24, Glynn Clements wrote:
> PostScript has the ability to read/write named files, and nothing
> prohibits an implementation from making peripheral devices or ports
> accessible as named files. E.g. using GhostScript on Linux, the
> following trivial PostScript program sends a WAV file (or the first
> 20kb thereof) to the sound card:
>
> (/dev/dsp) (w) file dup
> (foo.wav) (r) file
> 20000 string readstring pop
> writestring flushfile
>
> [The -dSAFER switch disables file access, and should be used when
> running gs on "untrusted" PostScript files.]
>
Does this mean, that a Postscript-file is not safer than a MS Word
document?
Shouldnt -dSAFER be then the default option? Or breaks this something
else?
--
Georg
