Re: vulnerabilities of postscript printers

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: vulnerabilities of postscript printers
From: Georg Lutz <glist@xxxxxxx>
Date: Wed, 28 Jan 2004 17:43:41 +0100
In-reply-to: <16401.57050.33561.497185@xxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mail-followup-to: bugtraq@xxxxxxxxxxxxxxxxx
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <40101A67.2090804@xxxxxxxxx> <200401230501.i0N5120i017266@xxxxxxxxxxxxxxxxxxx> <16401.57050.33561.497185@xxxxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.4i

On 2004-01-24, Glynn Clements wrote:
> PostScript has the ability to read/write named files, and nothing
> prohibits an implementation from making peripheral devices or ports
> accessible as named files. E.g. using GhostScript on Linux, the
> following trivial PostScript program sends a WAV file (or the first
> 20kb thereof) to the sound card:
> 
>       (/dev/dsp) (w) file dup
>       (foo.wav) (r) file
>       20000 string readstring pop
>       writestring flushfile
> 
> [The -dSAFER switch disables file access, and should be used when
> running gs on "untrusted" PostScript files.]
> 

Does this mean, that a Postscript-file is not safer than a MS Word
document?

Shouldnt -dSAFER be then the default option? Or breaks this something
else?

-- 
Georg

References:
- vulnerabilities of postscript printers
  - From: Bob Kryger
- Re: vulnerabilities of postscript printers
  - From: Darren Reed
- Re: vulnerabilities of postscript printers
  - From: Glynn Clements

Prev by Date: Re: new WIN virus?
Next by Date: TA04-033A: Multiple Vulnerabilities in Microsoft Internet Explorer
Previous by thread: Re: vulnerabilities of postscript printers
Next by thread: Re: vulnerabilities of postscript printers
Index(es):
- Date
- Thread