Is it considered a security risk to allow ~ or shell environment variables
in the argument to .so? For example,
.so ~/.groffrc
.so $HOME/.groffrc
___
Groff mailing list
Groff@gnu.org
http://lists.gnu.org/mailman/listinfo/groff
> Is it considered a security risk to allow ~ or shell environment
> variables in the argument to .so? For example,
>
> .so ~/.groffrc
>
> .so $HOME/.groffrc
I don't think so. All `dangerous' requests like `.open' or `.sy' are
enabled only if you add the `-U' flag to groff.
Werner
___
