Bugtraq mailing list archives
Re: Troff dangerous.
From: yozo () AOHAKOBE IPC CHIBA-U AC JP (Yozo Toda)
Date: Mon, 26 Jul 1999 11:41:36 +0900
A "fix" to the problem would be to introduce a commandswitch for enabling the dangerous troff-commands, which is what I personally am going to do anyway..
looking at groff-1.10 and groff-1.11a, I found -msafer option to DISABLE dangerous commands... %%%% from "nroff -man $(GROFF)/tmac/msafer.n" %%%% MSAFER(7) Device and Network Interfaces MSAFER(7) NAME msafer - groff -msafer macros SYNOPSIS groff -msafer [ options... ] [ files... ] DESCRIPTION The -msafer macros remove the open, opena, pso, sy and pi requests. These macros should be used when processing input from an untrustworthy source. For maximum safety, they should be the first -m option on the command-line. Normally they are invoked using the -S option of groff, which will also pass gpic the -S flag. FILES /opt/gnu/share/groff/tmac/tmac.safer SEE ALSO groff(1), gtroff(1), gpic(1) Groff Version 1.11 Last change: 26 June 1995 1 %%%% %%%% -- yozo.
Current thread:
- Re: Troff dangerous. John Robert LoVerso (Jul 25)
- Re: Troff dangerous. Nic Bellamy (Jul 25)
- Re: Troff dangerous. Aaron Campbell (Jul 26)
- Re: Troff dangerous. Olaf Kirch (Jul 26)
- <Possible follow-ups>
- Re: Troff dangerous. Joel Eriksson (Jul 25)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Robert Watson (Jul 27)
- Re: Troff dangerous. Yozo Toda (Jul 25)
- Re: Troff dangerous. Eric Moore (Jul 25)
- Re: Troff dangerous. Ville Nummela (Jul 27)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Jason Thorpe (Jul 25)
- Retrieving RDS Data... Wanderley J. Abreu Jr (Jul 26)
- Re: Troff dangerous. Bob Beck (Jul 26)
- Re: Troff dangerous. Ronny Cook (Jul 25)
- Re: Troff dangerous. Steven M. Bellovin (Jul 26)
- Re: Troff dangerous. Groovy Pants Gus (Jul 26)
- Re: Troff dangerous. Nic Bellamy (Jul 25)