This patch runs 'ghostscript' with the -dSAFER option, which prevents 
malicious PostScript files from writing and/or deleting files.

--jhb, 5/10/2000


*** xvps.c.orig	Wed May 10 09:48:59 2000
--- xvps.c	Wed May 10 10:09:24 2000
***************
*** 1577,1586 ****
  #  ifndef VMS
       sprintf(tmp1, "-I%s ", GS_LIB);
  #  else
!      sprintf(tmp1, "\"-I%s\"", GS_LIB);
  #  endif
     strcat(tmp, tmp1);
  #endif
  
    if (gsGeomStr) {
      sprintf(tmp1, "-g%s ", gsGeomStr);
--- 1577,1595 ----
  #  ifndef VMS
       sprintf(tmp1, "-I%s ", GS_LIB);
  #  else
!      sprintf(tmp1, "\"-I%s\" ", GS_LIB);
  #  endif
     strcat(tmp, tmp1);
  #endif
+ 
+ 
+    /* prevent some potential naughtiness... */
+ #ifndef VMS
+    strcat(tmp, "-dSAFER ");
+ #else
+    strcat(tmp, "\"-dSAFER\" ");
+ #endif
+ 
  
    if (gsGeomStr) {
      sprintf(tmp1, "-g%s ", gsGeomStr);