Page MenuHomePhabricator
Files F4160209

0001-Add-dSAFER-to-ghostscript-as-a-hardening-measure.patch
No One
Actions

Authored By
Bawolff
Jun 13 2016, 8:51 AM
Size
868 B
Referenced Files
None
Subscribers
None

0001-Add-dSAFER-to-ghostscript-as-a-hardening-measure.patch
View Options

From e4fcbad4640b079c862a3256a065eada4ce46b72 Mon Sep 17 00:00:00 2001
From: Brian Wolff <bawolff+wn@gmail.com>
Date: Mon, 13 Jun 2016 04:52:21 -0400
Subject: [PATCH] Add -dSAFER to ghostscript as a hardening measure
-dSAFER disables certain scary features of ghostscript
(like arbitrary file access). Its primarily about postscript
security, but enable it for pdfs to be safe.
Bug: T136402
Change-Id: I0ab37ddb5d134334e975bc07d3b9ba7bfc7a5659
---
PdfHandler_body.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/PdfHandler_body.php b/PdfHandler_body.php
index 36a52dd..dae9820 100644
--- a/PdfHandler_body.php
+++ b/PdfHandler_body.php
@@ -201,6 +201,7 @@ class PdfHandler extends ImageHandler {
"-sOutputFile=-",
"-dFirstPage={$page}",
"-dLastPage={$page}",
+ "-dSAFER",
"-r{$wgPdfHandlerDpi}",
"-dBATCH",
"-dNOPAUSE",
--
2.0.1

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3794752
Default Alt Text
0001-Add-dSAFER-to-ghostscript-as-a-hardening-measure.patch (868 B)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL