| <<<Back 1 day (to 2019/09/30) | Fwd 1 day (to 2019/10/02) >>> | 20191001 |
sebras | you wrote "I dislike "Allow for .zip/.tar archive containing a ridiculous amount of files."" | 12:19.18 |
| I'm not supposed to be here now, sorry. :) | 12:19.42 |
kens | was wondering what that was about | 12:19.52 |
fluffypony | hmmmmm | 18:04.49 |
| so I'm trying to overwrite the Producer metadata in a PDF -> PDF/A conversion so as not to leak the version of GhostScript we're using | 18:05.28 |
| which I apparently can do via a pdfmark file | 18:05.42 |
| not sure if I'm supposed to wrap the /Producer string in inverted commas or not | 18:06.49 |
| pdfmark is the worst file format, why do they not have a closing bracket | 18:07.00 |
| lol | 18:07.00 |
| ohhhhhh | 18:09.40 |
| strings are wrapped in brackets because of course they are | 18:09.46 |
kens | fluffypony: the '[' isn't a bracket, it's a mark in PostScript terminology, and yes, string delimiters in PostScript are () | 18:32.00 |
fluffypony | my OCD says it's a bracket :-P | 18:32.25 |
kens | And I've recently disabled the ability to overwrite Producer: | 18:32.32 |
| http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f03bac8ec2dabfff5583bf6afdd2b77f1885f8ef | 18:32.32 |
fluffypony | oh interesting | 18:32.38 |
| could you at least allow it to set the producer without leaking the version? | 18:33.13 |
kens | No, what would be the point? | 18:33.26 |
| If someone sends me a PDF file I want to know if it was created by version 9.28 or version 8.70 | 18:33.45 |
| Because if it's 8.70 I'm going to tell them to upgrade and try again | 18:33.57 |
fluffypony | true | 18:34.03 |
kens | Why does the version number worry you? | 18:34.31 |
fluffypony | I was thinking of an option to prevent leaking the version so that we don't give attackers more info than they need | 18:35.08 |
| so the scenario is an attacker knows we're running 9.27, for instance | 18:35.16 |
| and then they use an 0-day or something that -dSAFER doesn't catch to touch the filesystem | 18:35.33 |
kens | Well they could just try it and see, or write a PostScript program which renders the Product string to the PDF file | 18:36.00 |
| It's trivial to get the Product out if you use PostScript | 18:36.10 |
| And that includes the version number of course | 18:36.19 |
fluffypony | that's true | 18:36.20 |
| so we were initially going PDF -> PostScript -> PDF/A | 18:36.28 |
| but then I was told that it broke some transparent images | 18:36.35 |
kens | Well, don't do the middle step :-) | 18:36.39 |
fluffypony | insert shrug emoji | 18:36.43 |
kens | Yes, it will totally break transparency | 18:36.47 |
fluffypony | the commercial version will still allow us to override the Producer pdfmark, right? | 18:37.21 |
kens | PostScript doesn't support PDF transparency model, so any transparent content in the PDF will be rendered to an image | 18:37.25 |
| I've made an exception for commercial customers yes | 18:37.36 |
| Because if they produce PDF files I want their customer to go to them for support, not me :-) | 18:37.52 |
fluffypony | ok I'll use that to motivate for a commercial license - is there any indication of costs online, or is it a "speak to a consultant" model? | 18:37.59 |
kens | I'm afraid all I can tell you is that every licence is individually negotiated. I'm just an engineer, I stay away from commercial stuff | 18:38.32 |
fluffypony | ok perfect, thanks for all the input :) | 18:38.44 |
| one last question, if I may | 18:38.47 |
kens | Go on | 18:38.50 |
fluffypony | is it possible to pass the pdfmark content on the command line rather than linking to a pdfmark file? | 18:38.58 |
kens | Yes | 18:39.05 |
| Use -c to introduce PostScript and -f to stop it | 18:39.13 |
| It's in Use.htm IIRC | 18:39.20 |
fluffypony | tks, will check | 18:39.38 |
kens | actually I think any '-' will stop PostScript, but -f is safe | 18:39.44 |
fluffypony | perfect | 18:40.19 |
kens | Yeah under Command line options | 18:40.25 |
| In Use.htm | 18:40.34 |