[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkgsrc and security: xpdf example
On 2019-07-29 09:37, tlaronde%polynum.com@localhost wrote:
Nonetheless, for security, xpdf(1) is a good example. It could be argued
that there could be another mean to send a print job, taking into
account the problem of the vast variety of printing ways on different OSes
There are that many? You are quite likely to find lpr(1) - even cups
will provide it, if so configured.
The alternative is apparently to use cups out of the program, which ties
you to, well, cups.
xpdf would call one explicit program---a defined pathname script,
defined at installation time---with arguments instead of passing
whatever command to the shell), but, all in all, it's its function
to render PDF, on screen or on paper...
Funny, that. I have just come back from mupdf to xpdf for daily use,
because I found that the blasted former cannot print. It's not just that
xpdf can print, it will also memorize the proper printer options
(painfully cribbed together) that I would otherwise have to make a shell
alias for. Which leads me to my last point...
... what xpdf does (print with a pre-set command via system()) is
exactly what I would (have to) do from the commandline. Same
credentials. So how does forcing me to send a document to a printer from
the shell prompt, as opposed to out of xpdf, make anything/anybody safer?
The ASCII Ribbon Campaign Hauke Fath
() No HTML/RTF in email Institut für Nachrichtentechnik
/\ No Word docs in email TU Darmstadt
Respect for open standards Ruf +49-6151-16-21344
Main Index |
Thread Index |