[tex-k] epstopdf: using eps libraries

Heiko Oberdiek heiko.oberdiek at googlemail.com
Mon Nov 12 10:02:51 CET 2012 

On Mon, Nov 12, 2012 at 01:44:52AM +0100, Reinhard Kotucha wrote:

> On 2012-11-12 at 07:18:30 +0900, Norbert Preining wrote:
> 
>  > I checked epstopdf.pl, that is indeed a problem, the argument to
>  > --gscmd is not split into words, but passed as a whole as the
>  > gs command. Thus, adding additional arguments does not work.
> 
> At a first glance I thought that --gscmd was supposed to replace
> options too, but obviously its purpose is to change only the program
> name.  It's probably superfluous since $^O is checked already.

No, it is definitely not superfluous:
* The automatic checks might fail (especially on windows there are many
  different standard command names 32bit, 64bit, ...).
* There can be several ghostscript installations on a machine
  (different versions, different ports, different locations).
  There are PostScript files that do not work with any Ghostscript
  version and a Ghostscript version might not work with any
  PostScript file. For this reason and for testing reasons I
  have about fifteen Ghostscript versions installed.
    Thus --gscmd makes it easy to select a different
  Ghostscript program.

>  > Maybe we extend epstopdf in two ways:
>  > * add a command line switch -nosafer that changes the -dSAFER to
>  > * -dNOSAFER
> 
> Sounds good, but it should be ignored if ($restricted != 0).

Yes, -dSAFER must be in force for restricted mode.

>  > * split the --gscmd into words

Bad idea, because the command name may already contain spaces.
IMHO it is better to add an new option --gsopt or similar to add
additional Ghostscript options.
  In restricted mode this kind of option also needs to be disabled
unless the options are parsed and found harmless. The option
value might contain quite complex code (e.g. PostScript code
in option -c of Ghostscript). This and unknown settings
(e.g. -dXYZ) must be ignored/rejected in restricted mode
to avoid security holes.

> IMO the benefit is very small because you can't pass arbitrary options
> to gs this way.  The order matters.  I suppose that you can write
> 
>   gs -dNOSAFER file1.ps -dSAFER file2.ps

At least different option settings for different files are not needed
for `epstopdf', because it only converts one file.

Yours sincerely
  Heiko Oberdiek
--

More information about the tex-k mailing list