On 25/06/2019 15.01, Martin Wilck wrote:
On Tue, 2019-06-25 at 22:11 +0930, Rodney Baker wrote:
On Monday, 24 June 2019 22:26:53 ACST Michal Suchánek wrote: [...]
That's the point - ghostscript is considered more or less unfixable. Quoting from the non-public bug where the apparmor profile was introduced: "With the current set of ghostscript security issues and likely more coming, we should audit the current users of ghostscript and remove it where it is not strictly necessary, or at least confine it using apparmor. [...] Basically processing untrusted input with ghostscript is a hopeless case and should be disabled." Yet ghostscript is at the heart of Linux printing, so it couldn't simply be ditched. Thus using apparmor is only logical - it confines ghostscript from an external, security-focused point of view.
Is that the reason why printing is switching to PDF? -- Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)