Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.postscript > #3447
| Newsgroups | comp.lang.postscript |
|---|---|
| Date | 2019-09-09 20:20 -0700 |
| References | <76a128e3-b068-4071-9e7c-b32340144cf3@googlegroups.com> <b8cfeca4-846f-4996-97a0-567beba0a7ec@googlegroups.com> |
| Message-ID | <bee1f452-c660-4deb-b86c-5bc76a608ef6@googlegroups.com> (permalink) |
| Subject | Re: gs 'exploit'? |
| From | luser droog <luser.droog@gmail.com> |
On Monday, September 9, 2019 at 10:17:20 PM UTC-5, luser droog wrote: > On Monday, September 9, 2019 at 5:02:42 PM UTC-5, luser droog wrote: > > https://gist.github.com/rebirthwyw/d401fc375620d4497cc993045736a168 > > I'm not sure I entirely get it. Are the doubled brackets intended to > "deactivate" the code so it doesn't actually do anything unless modified? > That's the only thing I can think of. > > It appears this can only be used when the pdf device is active. > So if you process to ps2 first and then run the "clean" ps output > to make a pdf, that would completely invalidate the entire approach > here. If this technique is used, there are limits to what can be done. > So the permissions of the 'gs' binary are important. > > YMMV IANASA Screening should be easy. Bona fide documents should never be poking into /.pdf* . Although now thas I say that....sigh
Back to comp.lang.postscript | Previous | Next — Previous in thread | Next in thread | Find similar
gs 'exploit'? luser droog <luser.droog@gmail.com> - 2019-09-09 15:02 -0700
Re: gs 'exploit'? luser droog <luser.droog@gmail.com> - 2019-09-09 20:17 -0700
Re: gs 'exploit'? luser droog <luser.droog@gmail.com> - 2019-09-09 20:20 -0700
Re: gs 'exploit'? ken <ken@spamcop.net> - 2019-09-16 08:12 +0100
Re: gs 'exploit'? luser droog <luser.droog@gmail.com> - 2019-09-17 12:22 -0700
Re: gs 'exploit'? ken <ken@spamcop.net> - 2019-09-18 15:19 +0100
Re: gs 'exploit'? luser droog <luser.droog@gmail.com> - 2019-10-13 02:14 -0700
csiph-web