Bug 691355 - Missing -P- and -dSAFER in scripts
Summary: Missing -P- and -dSAFER in scripts
Status: RESOLVED FIXED
Alias: None
Product: Ghostscript
Classification: Unclassified
Component: General (show other bugs)
Version: master
Hardware: All All
: P3 critical
Assignee: Hin-Tak Leung
QA Contact: Bug traffic
URL:
Keywords: bountiable
: 691356 (view as bug list)
Depends on:
Blocks:
 
Reported: 2010-05-31 22:22 UTC by Paul Szabo
Modified: 2010-06-03 00:43 UTC (History)
3 users (show)

See Also:
Customer:
Word Size: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Paul Szabo 2010-05-31 22:22:11 UTC
Someone pointed out that there is no -P- flag on gs invocations in any
gs scripts, many are also missing a -dSAFER. Scripts in in /usr/bin:

  bdftops dumphint dvipdf eps2eps font2c gsbj gsdj gsdj500 gslj gslp
  gsnd pdf2dsc pdf2ps pdfopt pf2afm pfbtopfa printafm ps2ascii ps2epsi
  ps2pdf ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 wftopfa

See also
  http://bugs.ghostscript.com/show_bug.cgi?id=691339
Shame that GS developers do not know how to use GS safely.

Cheers,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia
Comment 11 Ray Johnston 2010-06-01 23:56:34 UTC
To anyone generating the patches, please also take into consideration the
issues mentioned (which seem to me to be redundant) in bug 691356.
Comment 12 Hin-Tak Leung 2010-06-03 00:43:25 UTC
r11351 adds -P- and -dSAFER to 122 files (windows and OS/2 batch scripts, uniprint command files, as well as POSIX shell scripts). 

The list in the initial report was checked. 3 files (ps2pdf12, ps2pdf13, ps2pdf14) were not modified because they wrap ps2pdfwr (which is updated).

Also verified Ray's comment 11 as correct, in combination with the fix to bug 691350 (currently under review). i.e. when both fixes are in place, ps2ascii.ps, etc in CWD is ignored.