Path: utzoo!mnetor!tmsoft!torsqnt!news-server.csri.toronto.edu!rpi!usc!sdd.hp.com!decwrl!adobe!heaven!heaven.woodside.ca.us From: glenn@heaven.woodside.ca.us (Glenn Reid) Newsgroups: comp.lang.postscript Subject: Re: Why systemdict is not writeable? Message-ID: <462@heaven.woodside.ca.us> Date: 27 Mar 91 20:05:23 GMT References: <1991Mar15.075038.18944@santra.uucp> Sender: glenn@heaven.woodside.ca.us Lines: 43 In article <1991Mar15.075038.18944@santra.uucp> alo@kampi.hut.fi (Antti Louko) writes: [ some details omitted ] > But this didn't solve the whole problem. The original systemdict was > still accessible and a malicious user can redefine showpage to the > original one and defeat pagelimit. Well, I made a copy of systemdict > and put it in userdict. Now users cannot access systemdict. Wrong, he > can still access it using "dictstack" or "where" operators. I had to > replace those, too. I am not still sure that user cannot get the > original systemdict with some trick. > > Moral of the story: > > systemdict should be writeable! The reason you want to be able to write into systemdict is to make security (and/or accounting) tighter, so it can't be circumvented. This is a very interesting problem, as you point out. Without offering anything useful, let me challenge you with the thought that, if systemdict were indeed writable, it could be written by the same people whom you would like to prevent from getting at it. At the very least, systemdict should not be writable unless the exitserver password is supplied, giving some level of security. I haven't looked around much, but there's also the possibility that a pointer to systemdict is stored in one of the built-in procedures (like findfont), and a copy of systemdict could potentially be retreived from such a place (another thing for you to consider, in addition to redefining eexec). Be careful with eexec or downloaded fonts won't work! As a side note, Sun's NeWS interpreter has a writable systemdict. Security is much more important on a window server than on a printer, so perhaps some NeWS users could supply some war stories as to the advisability of this approach. Let us know what you find out. -- Glenn Reid RightBrain Software glenn@heaven.woodside.ca.us NeXT/PostScript developers ..{adobe,next}!heaven!glenn 415-851-1785 (fax 851-1470)