Alfredo Braunstein <[EMAIL PROTECTED]> writes:
| Can someone test the current patch with documents with external insets to
| see if all works OK?
>
| Attached also a testcase showing the bad behaviour before the patch.
>
| Should we do something equivalent for converters?
>
| I don't know if playing with the file name to be converted you can also
| execute arbitrary code. Tried a bit and didn't work... but it would be
| nicer/safer to use execvp anyways?
Is execvp really nice?
I would have prefered execv since malicious programs can then not be
called from arbitrary locations (in the PATH).
--
Lgb
