[gs-bugs] [Bug 691339] Insecure gs initialization
bugzilla-daemon at ghostscript.com
Thu May 27 18:16:18 UTC 2010
http://bugs.ghostscript.com/show_bug.cgi?id=691339
Christopher Yeleighton <giecrilj at stegny.2a.pl> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                CC |                            |giecrilj at stegny.2a.pl
--- Comment #8 from Christopher Yeleighton <giecrilj at stegny.2a.pl> 2010-05-27 18:16:16 UTC ---
(In reply to comment #7)
> (In reply to comment #6)
> > There's a good reason that security folks tell people not to put "." in your
> > PATH.
>
> I am not going to be drawn into the pros and cons on this - just as some people
> like having . in their path, some don't. It is a personal choice. We provide
> the -P/-P- choice and document it for that reason. Which one the user decides
> to use is up to them. The current default is chosen based on user consensus. So
> one can say this is unfortunate, but most users choose convenience over
> security, and that's reflected in the choice of the current default. (So please
> go and educate the users - when the public opinion changes, we'll follow).
Please provide us with evidence of the consensus so that we can look at the
discussion in more detail. In particular, I would appreciate it if you could
come up with a unanimous opinion that reading ./Encoding/* on startup is a
good and desirable thing.
Please note that this is not a discussion about whether the current directory
should be searched when user code requests a file after the startup procedure
has been completed. It is a completely different question.
I also find it very unfortunate that Ghostscript cannot be configured not to
search the current directory by default. Most users do not have the slightest
idea that they should use your sanity switch.
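A practical check for the question argued above, added here as an example and not taken from the bug report or from Ghostscript's own sources: a POSIX shell script that reads the "Search path:" block printed by `gs -h` and reports whether the current directory ("." ) is among the directories consulted on startup. It assumes, from memory of the help output rather than from anything in this thread, that `gs -h` prints a line "Search path:" followed by indented lines of colon-separated directories and that the current directory appears as a bare "." entry; the `gs -h` text embedded in the script is constructed, so the check runs offline, and the live comparison of the default against `-P-` only runs if a `gs` binary is installed.

```shell
#!/bin/sh
# Added example: detect whether a Ghostscript build puts "." on its
# startup search path, by parsing `gs -h` style output.
# ASSUMPTIONS (not from the bug thread): `gs -h` prints a "Search path:"
# header followed by indented lines of colon-separated directories, and the
# current directory shows up as a bare "." entry.

# Print the search-path entries, one per line, from gs -h text on stdin.
gs_search_path() {
    awk '
        /^Search path:/ { in_path = 1; next }
        in_path && /^[^ \t]/ { in_path = 0 }   # first unindented line ends the block
        in_path {
            n = split($0, parts, ":")
            for (i = 1; i <= n; i++) {
                gsub(/^[ \t]+|[ \t]+$/, "", parts[i])   # trim spaces around " : "
                if (parts[i] != "") print parts[i]
            }
        }
    '
}

# Exit 0 if the help text in $1 lists "." (the current directory) as a
# search-path entry, 1 otherwise.
check_cwd_search() {
    printf '%s\n' "$1" | gs_search_path | grep -qx '\.'
}

# Constructed sample of help output for a build that searches "." first
# (the -P behaviour discussed in the report). Version and paths are made up.
CONSTRUCTED_GS_HELP='GPL Ghostscript 8.71
Usage: gs [switches] [file1.ps file2.ps ...]
Search path:
   . : /usr/share/ghostscript/8.71/Resource/Init :
   /usr/share/ghostscript/8.71/lib : /usr/share/fonts
For more information, see Use.htm.'

# Constructed sample for the same build with the current directory dropped
# (what -P- is documented to do).
CONSTRUCTED_GS_HELP_NOCWD='GPL Ghostscript 8.71
Usage: gs [switches] [file1.ps file2.ps ...]
Search path:
   /usr/share/ghostscript/8.71/Resource/Init :
   /usr/share/ghostscript/8.71/lib : /usr/share/fonts
For more information, see Use.htm.'

if check_cwd_search "$CONSTRUCTED_GS_HELP"; then
    echo "sample 1: current directory IS on the startup search path"
fi
if ! check_cwd_search "$CONSTRUCTED_GS_HELP_NOCWD"; then
    echo "sample 2: current directory is NOT on the startup search path"
fi

# Live check against an installed gs, default switches versus -P-.
# Assumption: -P- given before -h is applied before the help text is built.
if command -v gs >/dev/null 2>&1; then
    echo "installed gs, default:"; gs -h 2>&1 | gs_search_path
    echo "installed gs, with -P-:"; gs -P- -h 2>&1 | gs_search_path
fi
```

Run it from any directory; a "." entry in the default listing means that files such as ./Encoding/* in whatever directory you happen to start gs from are read during initialization, which is exactly the case the comment above objects to. The -P- run shows what the search path looks like once the current directory is excluded.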