[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Groff] me docs

From: jim
Subject: Re: [Groff] me docs
Date: Thu, 29 Nov 2001 12:50:17 +0000

>>>>> "Ralph" == Ralph Corderoy <address@hidden> writes:

    Ralph> So just like the kernel watches for `#! /bin/make -f' groff
    Ralph> could look for

    Ralph>     .\"#! groff -p -mm

This is exceptionally dangerous and unwise. Don't even think about
implementing it. Very bad things can happen when a file contains
embedded commands that a program silently executes when it gets
invoked to do something else on that file. Embedding shell commands is
the most dangerous thing of all. Since nobody is likely to know or
even remember what, if any, embedded shell commands are in their groff
document source this is a disaster waiting to happen. And a glaring
security hole. [Think of the damage if something nasty got added to
the source of a man page.] Does anyone else remember the horrible
things that happened when vi/ex obeyed any editor commands that were
included at the top of files that were supposed to be edited with vi
or ex? That feature was added to make per-file customisations like
abbreviation and indentation easier. It got withdrawn when it was
found to have other less friendly applications.

Taking the above example, how about:

        .\"#! groff -p -mm > important-file-with-no-backup


        .\"#! groff something; rm -rf ~

Get the general idea?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]