> - There was support for embedded commands calling system(3).

That's pretty scary.

Coincidentally, a few hours ago I was reading an article in the latest
;login entitled "Don't Take LaTeX Files from Strangers" which shows
how TeX's built-in file i/o macros can be exploited to do some not very
nice things.

The article also mentions some attacks on previewers, but the authors
seem to have missed the potential exploits enabled by this "feature"
of dvips.  A quick experiment confirms that dvips can be made to
execute arbitrary shell commands by embedding them into tex source
in the right way.

From now on I'm going to run dvips with '-R'.

