[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Groff] FW: ISS Security Advisory: GNU Groff utilities read untruste

From: Werner LEMBERG
Subject: Re: [Groff] FW: ISS Security Advisory: GNU Groff utilities read untrusted com mands from current working directory
Date: Mon, 13 Nov 2000 17:50:19 +0100 (CET)

> > > By default, the "troff" program reads its "troffrc"
> > > initialization file from the current working directory.  From a
> > > security standpoint, it would be desirable to restrict the
> > > searchable path for this file to the invoker's home directory
> > > and/or a trusted system.  Unfortunately, this could present
> > > problems for programs that depend on the current behavior.
> > 
> > My suggestion is to restrict the location of troffrc and
> > troffrc-end to `~' and groff's default tmac directory
> > (e.g. /usr/local/share/groff/tmac) if the -U flag isn't given.

I've now done the following: For searching and scanning troffrc and
troffrc-end, the home directory is used instead of the current
directory for the default path.  Similarly, the current directory in
the font path has been replaced with the home directory.

People can easily add the current directory again (if ever necessary)
either with using -M (resp. -F) or setting GROFF_TMAC_PATH or

I've just committed the changes into the CVS.  Please test and report
whether this is solution is sufficient to solve this security problem.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]