[redhat-lspp] untrusted printing formats

Matt Anderson mra at hp.com
Thu Apr 13 18:08:43 UTC 2006


Earlier this week I began asking around about which formats we should
convert to bitmaps prior to sending on to the trusted printer.

PostScript is the obvious case since as a fully functional language it
is possible to embed code in a document which could subvert the forced
label.  EPS and PDF are not quite as inherently suspect, but due to the
ease of converting those types to PostScript and then processing them
similarly they seem like good candidates as well.

By default the only other formats CUPS supports are:
application/vnd.hp-HPGL
application/x-cshell
application/x-perl
application/x-shell
text/plain
text/html
image/gif
image/png
image/jpeg
image/tiff
image/x-bitmap
image/x-photocd
image/x-portable-anymap
image/x-portable-bitmap
image/x-portable-graymap
image/x-portable-pixmap
image/x-sgi-rgb
image/x-xbitmap
image/x-xpixmap
image/x-xwindowdump
image/x-sun-raster

Of those I am not aware of any attacks on printed output.

Other than PS/EPS/PDF, can anyone think of another format which should
get special handling in order to preserve the integrity of the forced label?

thanks
-matt
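
Added example, not part of the original message and not CUPS code: a pre-filter check that marks a job for bitmap conversion when either its declared MIME type or its leading bytes identify it as PostScript, EPS or PDF, so the decision follows the content rather than the submitted type alone. The function names, the 1024-byte PDF scan window, the Ctrl-D and PJL wrapper handling and the sample jobs are assumptions made for the illustration.

```python
from typing import Optional

# Added illustration: constants, names and sample jobs are constructed here.
INTERPRETED_TYPES = {"application/postscript", "application/pdf"}
EPS_BINARY_MAGIC = b"\xc5\xd0\xd3\xc6"   # DOS EPS binary header
PJL_UEL = b"\x1b%-12345X"                # PJL wrapper that can precede PostScript
PDF_SCAN_WINDOW = 1024                   # assumption: allow leading junk before %PDF-


def sniff_format(head: bytes) -> Optional[str]:
    """Classify the first bytes of a job as 'postscript', 'eps', 'pdf' or None."""
    if head.startswith(EPS_BINARY_MAGIC):
        return "eps"
    body = head.lstrip(b"\x04")          # Ctrl-D is often sent before PostScript
    if body.startswith(PJL_UEL):
        # Skip the @PJL header lines and look at the first line of real data.
        lines = body[len(PJL_UEL):].splitlines()
        body = next((l for l in lines if l and not l.startswith(b"@PJL")), b"")
    if body.startswith(b"%!"):
        first_line = body.splitlines()[0]
        return "eps" if b"EPSF" in first_line else "postscript"
    # A plain-text job that merely mentions %PDF- is also flagged; that errs
    # toward rasterizing, which is the safe direction for the forced label.
    if b"%PDF-" in head[:PDF_SCAN_WINDOW]:
        return "pdf"
    return None


def needs_rasterizing(declared_mime: str, head: bytes) -> bool:
    """True if the declared type or the content itself is PS, EPS or PDF."""
    declared = declared_mime.split(";", 1)[0].strip().lower()
    return declared in INTERPRETED_TYPES or sniff_format(head) is not None


SAMPLE_JOBS = [  # constructed inputs: (declared type, first bytes of the job)
    ("application/postscript", b"%!PS-Adobe-3.0\n"),
    ("text/plain", b"\x04%!PS-Adobe-3.0 EPSF-3.0\n"),
    ("text/plain", b"\x1b%-12345X@PJL JOB\n@PJL ENTER LANGUAGE=POSTSCRIPT\n%!PS\n"),
    ("image/png", b"\x89PNG\r\n\x1a\n"),
    ("text/plain", b"Quarterly report\n"),
]

if __name__ == "__main__":
    for mime, head in SAMPLE_JOBS:
        print(f"{mime:24} sniffed={sniff_format(head)!s:10} "
              f"rasterize={needs_rasterizing(mime, head)}")
```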



