[tex-k] [rhn-admin@rhn.redhat.com: RHN Errata Alert: Command execution vulnerability in dvips]
Tim Waugh
twaugh@redhat.com
Tue, 15 Oct 2002 17:37:13 +0100
On Tue, Oct 15, 2002 at 08:20:25AM -0700, Tomas G. Rokicki wrote:
> Dvips uses popen() and system() in 11 different places, and not all
> of them appear to be appropriately protected.
Indeed. Red Hat Linux 8.0 ships with secure mode enabled by default.
The idea was that people could use -R0 when they needed it (in
practice, there seems to be a bug preventing that from working..).
> I was not aware of this advisory before this time.
Really? I'd been told that this was being discussed with the
maintainer.
> I'm not sure how paranoid I need to be. The makefont subroutine
> executes scripts, which might be insecure or might execute binaries
> without hardwiring a path, which can then be hijacked, etc.
(This is precisely what this advisory is about.)
Tim.
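The hazard the two messages above describe, shown in miniature as an added example (this is not dvips code, and the makefont routine is not reproduced here): a font name taken from an untrusted DVI file is spliced into a shell command for popen()/system(), so shell metacharacters in the name are honoured and the bare program name is resolved through PATH, which a local attacker can point at their own binary. The hardened form allowlists the name and execve()s the tool by absolute path with a fixed environment. The absolute tool path handed to run_tool_safe() and the sample hostile font name are constructed for the demo; /bin/echo stands in for the real font-generation script.

```c
/* Added example of the popen()/system() hazard discussed above.
 * Not dvips code; "mktexpk" appears only inside a command string,
 * and the absolute path passed to run_tool_safe() is an assumption. */
#include <ctype.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Unsafe pattern: the font name from the DVI file is formatted into a
 * shell command string. Handing this to popen()/system() lets the shell
 * act on metacharacters (; | ` $( )) inside the name, and because the
 * program name carries no directory, the shell looks it up through PATH.
 * This only builds the string; nothing here executes it. */
int build_shell_command(const char *fontname, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "mktexpk %s", fontname);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Allowlist check: a font name is letters, digits, '.', '_' and '-',
 * and must not start with '-' (it would be parsed as an option). */
int fontname_is_safe(const char *fontname)
{
    if (fontname == NULL || *fontname == '\0' || *fontname == '-')
        return 0;
    for (const unsigned char *p = (const unsigned char *)fontname; *p; p++) {
        if (!isalnum(*p) && *p != '.' && *p != '_' && *p != '-')
            return 0;
    }
    return 1;
}

/* Hardened pattern: validate the name, then fork and execve() the tool
 * by absolute path with a fixed minimal environment, so neither a shell
 * nor the caller's PATH is consulted. Returns the child's exit status,
 * -1 if the name or path is rejected, -2 on a fork/exec failure.
 * The child's stdout goes to /dev/null to keep the demo quiet. */
int run_tool_safe(const char *abs_tool_path, const char *fontname)
{
    if (abs_tool_path == NULL || abs_tool_path[0] != '/' ||
        !fontname_is_safe(fontname))
        return -1;

    char *const argv[] = { (char *)abs_tool_path, (char *)fontname, NULL };
    char *const envp[] = { "PATH=/usr/bin:/bin", NULL };

    pid_t pid = fork();
    if (pid < 0)
        return -2;
    if (pid == 0) {
        int devnull = open("/dev/null", O_WRONLY);
        if (devnull >= 0) {
            dup2(devnull, STDOUT_FILENO);
            close(devnull);
        }
        execve(abs_tool_path, argv, envp);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -2;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -2;
}

int main(void)
{
    char cmd[256];
    /* Constructed hostile input: a font name carrying a shell command. */
    const char *hostile = "cmr10; touch /tmp/owned";

    build_shell_command(hostile, cmd, sizeof cmd);
    printf("popen() would receive: %s\n", cmd);
    printf("safe launch of cmr10 -> %d\n", run_tool_safe("/bin/echo", "cmr10"));
    printf("safe launch of hostile name -> %d\n", run_tool_safe("/bin/echo", hostile));
    return 0;
}
```

The allowlist is deliberately narrower than what a shell would accept; rejecting a legitimate but oddly named font is the cheaper failure. The fixed PATH in envp is only there for whatever the tool itself spawns; the tool is never found through PATH.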