Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F4160209
0001-Add-dSAFER-to-ghostscript-as-a-hardening-measure.patch
No One
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
Bawolff
Jun 13 2016, 8:51 AM
2016-06-13 08:51:50 (UTC+0)
Size
868 B
Referenced Files
None
Subscribers
None
0001-Add-dSAFER-to-ghostscript-as-a-hardening-measure.patch
View Options
From e4fcbad4640b079c862a3256a065eada4ce46b72 Mon Sep 17 00:00:00 2001
From: Brian Wolff <bawolff+wn@gmail.com>
Date: Mon, 13 Jun 2016 04:52:21 -0400
Subject: [PATCH] Add -dSAFER to ghostscript as a hardening measure
-dSAFER disables certain scary features of ghostscript
(like arbitrary file access). Its primarily about postscript
security, but enable it for pdfs to be safe.
Bug: T136402
Change-Id: I0ab37ddb5d134334e975bc07d3b9ba7bfc7a5659
---
PdfHandler_body.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/PdfHandler_body.php b/PdfHandler_body.php
index 36a52dd..dae9820 100644
--- a/PdfHandler_body.php
+++ b/PdfHandler_body.php
@@ -201,6 +201,7 @@ class PdfHandler extends ImageHandler {
"-sOutputFile=-",
"-dFirstPage={$page}",
"-dLastPage={$page}",
+ "-dSAFER",
"-r{$wgPdfHandlerDpi}",
"-dBATCH",
"-dNOPAUSE",
--
2.0.1
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3794752
Default Alt Text
0001-Add-dSAFER-to-ghostscript-as-a-hardening-measure.patch (868 B)
Attached To
Mode
T133070: MediaWiki 1.27.1 security release
Attached
Detach File
T136402: PdfHandler extension doesn't use -dSAFER option of ghostscript
Attached
Detach File
Event Timeline
Log In to Comment