Your message dated Thu, 04 Jan 2024 20:32:18 -0600 with message-id <13927800.RDIVbhacDa@riemann> and subject line Re: ghostscript: cannot open OutputFile if -dSAFER specified with piped or interactive input has caused the Debian Bug report #618530, regarding gs -dSAFER: /invalidfileaccess with "run" operator to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 618530: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618530 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ghostscript: cannot open OutputFile if -dSAFER specified with piped or interactive input
- From: "Ralph A. Smith" <smith.ralph.a@gmail.com>
- Date: Tue, 15 Mar 2011 21:12:49 -0400
- Message-id: <20110316011249.30633.99171.reportbug@pindar.greenhouse>
Package: ghostscript Version: 8.71~dfsg2-9 Severity: normal The behavior of the -dSAFER flag has changed between versions of Ghostscript in Lenny and Squeeze. It now prevents -sOutputFile from working if the input is taken interactively or from a pipe. For example: user@host:path$ gs -q -dSAFER -dSAFINTERPOLATE -dTextAlphaBits=4 -dGraphicsAlphaBits=4 -sDEVICE=ppmraw -r144 -sOutputFile=foo.ppm GS>(foo.ps) run Error: /invalidfileaccess in --run-- Operand stack: (foo.ps) (r) ... This is annoying for those of us who use pipes in scripts to generate graphics, say for web applications. Google did not show any obvious accounts of this. At the very least, it should be documented in a changelog. -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages ghostscript depends on: ii debconf [de 1.5.36.1 Debian configuration management sy ii debianutils 3.4 Miscellaneous utilities specific t ii gsfonts 1:8.11+urwcyr1.0.7~pre44-4.2 Fonts for the Ghostscript interpre ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii libgs8 8.71~dfsg2-9 The Ghostscript PostScript/PDF int ghostscript recommends no packages. ghostscript suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---
- To: 618530-done@bugs.debian.org
- Subject: Re: ghostscript: cannot open OutputFile if -dSAFER specified with piped or interactive input
- From: Steven Robbins <steve@sumost.ca>
- Date: Thu, 04 Jan 2024 20:32:18 -0600
- Message-id: <13927800.RDIVbhacDa@riemann>
- In-reply-to: <20111016012844.GA21511@elie.hsd1.il.comcast.net>
On Sat, 15 Oct 2011 20:28:44 -0500 Jonathan Nieder <jrnieder@gmail.com> wrote: > unmerge 618530 > # just a regression > severity 618530 important > found 618530 ghostscript/9.04~dfsg-2 > tags 618530 + upstream > forwarded 618530 http://bugs.ghostscript.com/show_bug.cgi?id=692602 > quit > > Jonathan Nieder wrote: > > > Confirmed: with version 8.71~dfsg2-6.1 running > > > > man -t ls >ls.1 > > echo '(ls.ps) run' | ghostscript -dSAFER > > > > fails with /invalidfileaccess, while with 8.71~dfsg2-6 it succeeds > > Thanks again. Let's see what upstream says. >From the referenced bug report, upstream says it is an intentional behaviour change: Ray Johnston 2012-02-18 22:32:06 UTC It is EXACTLY the intent of SAFER mode (whether -dSAFER or -dDELAYSAFER) to inhibit a (potentially malicious) PS program from reading, executing, deleting, renaming, etc. file systems that are not explicitly identified by the invocation. Paths that are named on the command line using -I___ will be added to the "PermitFileReading" set of paths, but the CWD (i.e. '.' is NOT there with 9.01+ so if it is desired -P or -I. should be specified as an option. This (as far as I can tell from the previous discussion) is working as intended.Attachment: signature.asc
Description: This is a digitally signed message part.
--- End Message ---