Bug 53157

Summary: Vulnerability in ghostscript thumbnail creation
Product: [Applications] konqueror Reporter: Philipp Hullmann <phull>
Component: generalAssignee: Konqueror Developers <konq-bugs>
Severity: normal CC: keithw
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:

Description Philipp Hullmann 2003-01-19 13:37:21 UTC
Version:            (using KDE Devel)
Installed from:    Compiled sources

A short glance at the latest version (1.10) of file kdebase/kioslave/thumbnail/gscreator.cpp revealed two problems:

- gs should be called with option -dSAFER, otherwise malicious PostScript files can delete, rename and overwrite files. This bug is present in the 3.0 branch as well, see my patch for bug 45001 for a fix.

- the paths for executables /usr/bin/gs and /usr/bin/dvips are hardcoded. There are lots of systems where neither live in /usr/bin, so this should at least be configurable.
Comment 1 Keith Winstein 2003-04-03 21:21:55 UTC
See also kghostview's bug ID 56808 ("Security hole (-dPARANOIDSAFER not used) allows arbitrary command execution").
Comment 2 Maksim Orlovich 2003-04-03 21:23:56 UTC
Forwarded to security@kde.org 
Comment 3 Dirk Mueller 2003-04-09 23:05:17 UTC
Fixed by KDE Security update in 3.0.5b / 3.1.1a of today.  
Comment 4 Dirk Mueller 2003-04-09 23:10:22 UTC
*** Bug 56808 has been marked as a duplicate of this bug. ***