Bug 691355

Summary: Missing -P- and -dSAFER in scripts
Product: Ghostscript Reporter: Paul Szabo <paul>
Component: GeneralAssignee: Hin-Tak Leung <htl10>
Status: RESOLVED FIXED    
Severity: critical CC: henry.stiles, pauls, werner
Priority: P3 Keywords: bountiable
Version: master   
Hardware: All   
OS: All   
Customer: Word Size: ---

Description Paul Szabo 2010-05-31 22:22:11 UTC
Someone pointed out that there is no -P- flag on gs invocations in any
gs scripts, many are also missing a -dSAFER. Scripts in in /usr/bin:

  bdftops dumphint dvipdf eps2eps font2c gsbj gsdj gsdj500 gslj gslp
  gsnd pdf2dsc pdf2ps pdfopt pf2afm pfbtopfa printafm ps2ascii ps2epsi
  ps2pdf ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 wftopfa

See also
  http://bugs.ghostscript.com/show_bug.cgi?id=691339
Shame that GS developers do not know how to use GS safely.

Cheers,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia
Comment 11 Ray Johnston 2010-06-01 23:56:34 UTC
To anyone generating the patches, please also take into consideration the
issues mentioned (which seem to me to be redundant) in bug 691356.
Comment 12 Hin-Tak Leung 2010-06-03 00:43:25 UTC
r11351 adds -P- and -dSAFER to 122 files (windows and OS/2 batch scripts, uniprint command files, as well as POSIX shell scripts). 

The list in the initial report was checked. 3 files (ps2pdf12, ps2pdf13, ps2pdf14) were not modified because they wrap ps2pdfwr (which is updated).

Also verified Ray's comment 11 as correct, in combination with the fix to bug 691350 (currently under review). i.e. when both fixes are in place, ps2ascii.ps, etc in CWD is ignored.