Re: [Groff] devpdf U-fonts and Russian

[Tadziu Hoffmann]

> > Another important issue is security.  PS, as a
> > programming language, allows far too much things.

To put this into perspective, many people have no qualms
running arbitrary javascript code in their browsers, not
only from from the URL displayed by the browser but also
from uncounted other third-party sources usually not shown to
the user.  And javascript is also a full-fledged programming
language.

In browsers, the execution of code is pretty well sandboxed
nowadays, and in principle something similar should also be
possible for other programming languages.  Ghostscript has a
"safer" option to restrict what the program can access in
the file system, but I don't know how rigorously it has been
tested under attack.

Overall I unfortunately have to agree: the more you enable,
the more dangerous it becomes.


> The same person who uses PS normally uses a shell.  How is
> access to the shell from within PS any more of a security
> hazard than access from without?  

Depends on what you consider "using a shell".  If you mean
"typing commands by hand", I'd say that's pretty safe because
you should be aware of the effects of individual commands.
If you mean "running all kinds of shell scripts downloaded
from somewhere", that could be pretty dangerous if you
haven't verified what they do.  Unfortunately, the latter
interpretation would be the one that applies to documents
for whose creators you can't vouch.