Bugtraq mailing list archives
Re: Troff dangerous.
From: yozo () AOHAKOBE IPC CHIBA-U AC JP (Yozo Toda)
Date: Mon, 26 Jul 1999 11:41:36 +0900
A "fix" to the problem would be to introduce a commandswitch for enabling the dangerous troff-commands, which is what I personally am going to do anyway..
looking at groff-1.10 and groff-1.11a,
I found -msafer option to DISABLE dangerous commands...
%%%% from "nroff -man $(GROFF)/tmac/msafer.n" %%%%
MSAFER(7) Device and Network Interfaces MSAFER(7)
NAME
msafer - groff -msafer macros
SYNOPSIS
groff -msafer [ options... ] [ files... ]
DESCRIPTION
The -msafer macros remove the open, opena, pso, sy and pi
requests. These macros should be used when processing input
from an untrustworthy source. For maximum safety, they
should be the first -m option on the command-line. Normally
they are invoked using the -S option of groff, which will
also pass gpic the -S flag.
FILES
/opt/gnu/share/groff/tmac/tmac.safer
SEE ALSO
groff(1), gtroff(1), gpic(1)
Groff Version 1.11 Last change: 26 June 1995 1
%%%% %%%%
-- yozo.
Current thread:
- Re: Troff dangerous. John Robert LoVerso (Jul 25)
- Re: Troff dangerous. Nic Bellamy (Jul 25)
- Re: Troff dangerous. Aaron Campbell (Jul 26)
- Re: Troff dangerous. Olaf Kirch (Jul 26)
- <Possible follow-ups>
- Re: Troff dangerous. Joel Eriksson (Jul 25)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Robert Watson (Jul 27)
- Re: Troff dangerous. Yozo Toda (Jul 25)
- Re: Troff dangerous. Eric Moore (Jul 25)
- Re: Troff dangerous. Ville Nummela (Jul 27)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Jason Thorpe (Jul 25)
- Retrieving RDS Data... Wanderley J. Abreu Jr (Jul 26)
- Re: Troff dangerous. Bob Beck (Jul 26)
- Re: Troff dangerous. Ronny Cook (Jul 25)
- Re: Troff dangerous. Steven M. Bellovin (Jul 26)
- Re: Troff dangerous. Groovy Pants Gus (Jul 26)
- Re: Troff dangerous. Nic Bellamy (Jul 25)