[Esa-l]Adobe PDF files can be used as virus carriers (fwd)

Brett Glass brett at lariat.org
Tue Aug 7 18:02:26 PDT 2001

At 04:36 PM 8/7/2001, Phil Pennock wrote:

>man gs(1):
>       -dSAFER
>              Disables  the  "deletefile" and "renamefile" opera-
>              tors and the ability to  open  files  in  any  mode
>              other  than  read-only.   This may be desirable for
>              spoolers or other sensitive  environments  where  a
>              badly  written or malicious PostScript program must
>              be prevented from changing important files.

Will it allow programs to be EXECUTED, though? On many OSes,
one can execute anything one can read; that is, the permissions
are not separate. And if the program is a script, read permission
may be all that's necessary, because the script is really just
"data" for the interpreter.


P.S. -- We don't use GhostScript, because it's one of the few products
out there which has a license that's MORE onerous than the GPL. Viral...
nasty... bleagh.

More information about the esd-l mailing list