[ILUG] unix mail script virus hole long before windows?
Foley, Brian (Galway)
Brian.P.Foley at compaq.com
Tue Jul 10 14:58:17 IST 2001
Well yeah, any arbitrary piece of data can be turned into executable code in
PS, but thats not quite the point.
You don't have to do any interpretation yourself -- thats what the PS
interpreter is for!
If you redefined the file operator (which takes works like fopen in C) as
Then any attempt to open a file such as
(/etc/passwd) (w) file
would cause an error.
If this redefinition is done as part of the job prolog, then the 'real'
definition of the file operator is effectively lost for the rest of the job.
BTW the following should do what you want, but don't hold me to it, I've no
PS interpreter to hand right now...
(~/i_could_have_deleted_all_your_files) (w) file
f (You've been PostScripted!) writestring
From: Paul Jakma [mailto:paulj at alphyra.ie]
Sent: 10 July 2001 13:46
To: Foley, Brian (Galway)
Cc: ilug at linux.ie
Subject: RE: [ILUG] unix mail script virus hole long before windows?
however, less reassuring, from the same post, is that in PS operators
can be created from other strings. so it would seem to be nearly
impossible to secure PS just by scanning the inputted PS, the
interpreter would have to check constantly while 'running' the PS
wonder whether ghostscript has been refined further security wise
since the above 1994 RISKS digest? ...
what's the postscript for:
echo "you've been postscripted" >> ~/i_could_have_deleted_all_your_files
'd love to send to a few people....
More information about the ILUG