From groff-admin Mon Jul 26 17:02:35 1999
Date: Mon, 26 Jul 1999 14:58:01 GMT
Message-Id: <199907261458.OAA23787@rigel.univie.ac.at>
From: Werner LEMBERG
To: Ted.Harding@nessie.mcc.ac.uk, groff@ffii.org
Reply-to: Werner LEMBERG
Subject: [Groff] Re: FW: Re: soelim enhancement

> 1. I am forwarding the latest from Bill Morgan on his suggested change
>    to soelim, for your information. It doesn't call for any action as
>    yet.

I've moved this to the groff list -- BTW, should I make the list public
together with the announcement of the CVS repository of groff? The list
address will be groff@gnu.org

> 2. I take it you have noticed the recent correspondence on "troff
>    dangerous". What do you think? I am inclined to the view that ANY
>    program which can invoke others is open to this kind of exploit by
>    root -- all it needs is for a fake Trojan to replace the called
>    program. I don't see either that groff is special in this respect,
>    nor that there is any sensible action one can take to avoid it
>    short of disabling ".pso" altogether. Admittedly burying the Trojan
>    call in the troff source of a man page is a bit unexpected, but
>    then what isn't, in that game? I'm inclined to let the
>    correspondence run (if it will) and see what people say.

IIRC, my SuSE groff package had a fix for that. I'll look again.

    Werner
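
The following is an added example, not part of the original message or of groff: a heuristic check that flags the ".pso" request discussed above in troff source before a page is formatted. It goes beyond ".pso" to the other requests that current groff disables in its default safer mode (sy, pi, open, opena); the function name and the sample page are constructed for illustration.

```python
import re

# Any control line starts with "." or "'" (the no-break control character).
CONTROL = re.compile(r"^[.']")

# An unsafe request either starts the line or follows a conditional such as
# ".if n"; blanks may separate the control character from the request name.
REQUEST = re.compile(
    r"(?:^|[ \t{])[.'][ \t]*(pso|sy|pi|opena|open)(?![A-Za-z0-9])(.*)"
)

# Constructed sample page: three unsafe requests, one comment, one text line.
SAMPLE = r""".TH DEMO 1
.SH NAME
demo \- constructed sample page
.\" .sy in a comment is ignored
.pso echo constructed-marker
'  sy   echo constructed-marker
.if n .pi cat
.sp
Plain text mentioning .pso stays unflagged.
"""


def find_unsafe_requests(source):
    """Return (line_number, request, arguments) for each unsafe request."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        # Strip troff comments, which begin with \" and run to end of line.
        code = line.split('\\"', 1)[0]
        if not CONTROL.match(code):
            continue  # text line: request names here are only prose
        m = REQUEST.search(code)
        if m:
            hits.append((lineno, m.group(1), m.group(2).strip()))
    return hits


if __name__ == "__main__":
    for lineno, request, args in find_unsafe_requests(SAMPLE):
        print(f"line {lineno}: .{request} {args}")
```

This is a pre-filter only: a page can change the control character with `.cc` or rename a request with `.als` or `.rn`, so running groff in safer mode remains the actual control.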