Re: doc-view and mailcap
From: Reiner Steib
Subject: Re: doc-view and mailcap
Date: Wed, 17 Oct 2007 19:59:41 +0200
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1.50 (gnu/linux)

On Wed, Oct 17 2007, Richard Stallman wrote:

> I didn't have time to try doc-view yet [...], so I don't know if
> doc-view makes sense for attachments.
>
> Would you please report back when you are able to try it?

I had a quick look at `doc-view.el'. There's a security issue when
using `doc-view' in mailcap. mailcap attempts to use a safe viewer
with the safest options[1], e.g. it calls gv, gs and xdvi with the
"-safer" option [2]. AFAICS, `doc-view' doesn't use such options. At
least "-dSAFER" should be added in `doc-view-ghostscript-options' and
`doc-view-ps2pdf-program' (or a new variable
`doc-view-ps2pdf-options'?) when used with mailcap (or even always?).
I don't know if similar security options are available for dvipdfm and
pdftotext.

Bye, Reiner.

[1]
,----[ (info "(emacs-mime)Display Customization") ]
| `mm-enable-external'
| Indicate whether external MIME handlers should be used.
|
| If `t', all defined external MIME handlers are used. If `nil',
| files are saved to disk (`mailcap-save-binary-file'). If it is
| the symbol `ask', you are prompted before the external MIME
| handler is invoked.
|
| When you launch an attachment through mailcap (*note mailcap::) an
| attempt is made to use a safe viewer with the safest options--this
| isn't the case if you save it to disk and launch it in a different
| way (command line or double-clicking). Anyhow, if you want to be
| sure not to launch any external programs, set this variable to
| `nil' or `ask'.
`----
[2]
,----[ M-x occur RET safer RET ]
| 4 matches for "safer" in buffer: mailcap.el
| 94: (viewer . "xdvi -safer %s")
| 140: (viewer . "gv -safer %s")
| 160: (viewer . "gv -safer %s")
| 166: (viewer . "ghostview -dSAFER %s")
`----
,----[ gv(1) ]
| -safer, -nosafer
|
| Whether to start ghostscript with the -dSAFER option.
`----
,----[ gs(1) ]
| -dSAFER
| Disables the "deletefile" and "renamefile" operators
| and the ability to open files in any mode other than
| read-only. This strongly recommended for spoolers,
| conversion scripts or other sensitive environments
| where a badly written or malicious PostScript program
| code must be prevented from changing important files.
`----
,----[ xdvi(1) ]
| -safer
| (.safer) This option turns on all available security
| options; it is designed for use when xdvi is called by
| a browser that obtains a dvi or TeX file from another
| site. This option selects +nogssafer and +allowshell.
`----
--
,,,
(o o)
---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/
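
The check the message above asks for, as an added example that is not part of the original message and not code from doc-view.el or mailcap.el: it flags mailcap-style viewer commands that run gs, ghostview, gv or xdvi without the safe-mode flag quoted in the man page excerpts, and adds "-dSAFER" to `doc-view-ghostscript-options'. All `my/' names and the sample commands are hypothetical; the code assumes `doc-view-ghostscript-options' holds a list of option strings.

```elisp
;;; Added example; every `my/' name is hypothetical.

(defconst my/safer-flags
  ;; Program name -> safe-mode flag, taken from the excerpts above.
  '(("gs" . "-dSAFER")
    ("ghostview" . "-dSAFER")
    ("gv" . "-safer")
    ("xdvi" . "-safer"))
  "Viewer programs and the flag that enables their restricted mode.")

(defun my/viewer-missing-safer-flag (command)
  "Return the safe-mode flag that COMMAND lacks, or nil.
COMMAND is a mailcap-style viewer string such as \"gv -safer %s\".
Programs not listed in `my/safer-flags' yield nil."
  (let* ((words (split-string command "[ \t]+" t))
         ;; Strip any directory part so /usr/bin/gs matches "gs".
         (program (file-name-nondirectory (or (car words) "")))
         (flag (cdr (assoc program my/safer-flags))))
    (and flag
         (not (member flag (cdr words)))
         flag)))

(defun my/ensure-option (options flag)
  "Return OPTIONS, a list of strings, with FLAG present."
  (if (member flag options) options (cons flag options)))

;; Constructed sample viewer commands in the style of the occur
;; output above; the last two omit the flag on purpose.
(defconst my/sample-viewers
  '("xdvi -safer %s"
    "gv -safer %s"
    "ghostview -dSAFER %s"
    "/usr/bin/gs -q -dNOPAUSE %s"
    "gv %s"))

;; Report every sample command that would run without safe mode.
(dolist (command my/sample-viewers)
  (let ((missing (my/viewer-missing-safer-flag command)))
    (when missing
      (message "viewer %S lacks %s" command missing))))

;; Apply the suggestion from the message to doc-view itself
;; (assumption: the variable is a list of option strings).
(with-eval-after-load 'doc-view
  (setq doc-view-ghostscript-options
        (my/ensure-option doc-view-ghostscript-options "-dSAFER")))
```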