Re: Troff dangerous.

From: Pavel Kankovsky (peakat_private)
Date: Sun Jul 25 1999 - 06:48:25 PDT

Next message: .rain.forest.puppy.: "Re: Alert: RDS IIS vulnerability/fix"

Previous message: Ronny Cook: "Re: Troff dangerous."
Maybe in reply to: Pawel Wilk: "Troff dangerous."
Next in thread: Pete: "Re: Troff dangerous."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 23 Jul 1999, Pawel Wilk wrote:

> If you want your system safe,
> don't look as root
> at manual page.

The dangerous instructions (.pso, .open/.opena) are probably GNU
troff (aka groff) specific. Little (if any) functionality would be
lost if the were removed for the sake of safety.

Nevertheless, this does not imply other implementations must be
absolutely safe: for example, there are probably ways to abuse .so as
well (.so /dev/zero, .so /dev/kmem, .so some-system-fifo...).

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

Next message: .rain.forest.puppy.: "Re: Alert: RDS IIS vulnerability/fix"
Previous message: Ronny Cook: "Re: Troff dangerous."
Maybe in reply to: Pawel Wilk: "Troff dangerous."
Next in thread: Pete: "Re: Troff dangerous."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:53:32 PDT