[tex-live] Re: [tex-k] secure mode of dvips should be default

[Thomas Esser]

> Xdvi implements such a trusted list, sort of.  If xdvi encounters a
> PostScript file whose name ends in .Z or .gz or .bz2, and if the first
> 2-3 bytes of the file are the correct magic bytes for the file type,
> then xdvi will automatically pass the file through uncompress or gunzip
> or bunzip2 before processing it.  IMHO, dvips should do the same
> (and TeX, likewise, when getting bounding box information).
> 
> Comments, anyone?

Even better would be to use libgz / libbz2 for decompression. No fork,
no security problem.

Thomas