Update of bug #66419 (group groff):
Severity: 3 - Normal => 4 - Important
_______________________________________________________
Follow-up Comment #9:
[comment #6 comment #6:]
> I realize that checking for '/'s is relatively easy to implement. I do not,
> however, agree that it's a great idea unless the check is going to be
> improved to be backward-compatible.
Whether I agree with this depends on what you mean. Reverting the intention
of the changes to fix bug #61424 would leave documents susceptible to "remote
font description file trickery".
If by "improvement", you mean "add a `-U` flag that disables the slash check
for PostScript prologue and resource files (including fonts), then that looks
likely; I'd like to release _groff_ 1.24 soon and this seems an expedient way
to avoid gating the release on this problem. (Speaking of which, I'm
elevating the severity of this ticket to "Important"; the assertion failures
alone are sufficient reason to do that.)
I mean to keep with long-standing _groff_ tradition and put out a release
candidate first. I hope people like you with long *roff experience will
evaluate it.
> I think taking a step back and looking at the big picture of the goals for
> the project is in order. I don't mean a six-month redesign, but rather a
> quick affirmation of the goals.
It's my intention to review
[https://www.gnu.org/software/groff/groff-mission-statement.html _groff_'s
Mission Statement] after the 1.24 release. I have some minor changes to
propose. (Mainly I want to clarify that _man_(7) is not deprecated and that
_mdoc_(7) is not preferred over it by the _groff_ project. Such a preference
has never been in evidence by contributing developers, but it has been
expressed by _mdoc_ partisans.)
At the same time I don't find _this_ bug report to be sufficient cause for
some kind of searching reconsideration of _groff_'s objectives.
> I just don't think that trying to ensure that all reports of 'potential
> security bugs' need to be addressed.
I don't think anyone is proposing this. We lack the resources for an
attempted security audit of _groff_. Bug #61424 arose because in the course
of learning my way through the system (an ongoing process) I performed an
experiment whose outcome startled me. I discussed it with more experienced
_groff_ developers and they agreed that it was a problem that warranted
resolution.
> I do think that functionality should be maintained (along with
> maintainability).
That's an unobjectionable statement.
> Are you really sure you want to tackle the 'security problem'? I honestly
> don't think it's a bug.
If you'd like to propose its reconsideration, please post a comment to bug
#61424 so that the other _groff_ developers who opined on it (Dave Kemper and
Deri James) are aware of your perspective and can weigh in.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?66419>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
