Issue 3: Ghostscript Invocation Inconsistencies and Reduced Sandbox
Status: Open
Severity: Medium
Summary
Toyplot invokes Ghostscript to rasterize PDF -> PNG. There are two issues:
- PATH-based command discovery without absolute path enforcement (risk of binary hijack in compromised environments).
- Inconsistent security flags: `render()` uses `_gs_command` plus `-dSAFER`; `render_frames()` hardcodes `"gs"` and omits `-dSAFER`.
Affected Component
File: toyplot/reportlab/png.py
- `_gs_command` discovery loop
- `render()` vs `render_frames()` command arrays
Impact
- Potential execution of a malicious `gs` earlier in PATH (local privilege boundaries may be crossed if Toyplot runs with elevated privileges).
- Missing `-dSAFER` increases attack surface (historical Ghostscript sandbox escape CVEs could allow file read / write or code execution).
Root Cause
Lack of uniform command-building logic, and no validation of the resolved executable path.
Recommendation (Patch)
- Use `shutil.which()` to resolve an absolute path:

```python
import shutil, os

_gs_command = None
for candidate in ["gs", "gswin64c", "gswin32c"]:
    path = shutil.which(candidate)
    if path:
        # Resolve symlinks so the path actually executed is the real binary
        _gs_command = os.path.realpath(path)
        break
if _gs_command is None:
    raise EnvironmentError("Ghostscript executable not found.")
```

- Factor a helper to build the command list (ensuring `-dSAFER` or modern equivalent) and reuse it in both `render` and `render_frames`.
- Replace the hardcoded `"gs"` in `render_frames()` with `_gs_command`.
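The resolver and shared command builder the recommendation describes, written out as an added example (this is not Toyplot's own code). The helper names `resolve_gs` / `build_gs_command`, the `TOYPLOT_GS` override variable, and the `dpi` argument are assumptions; the `hardened` flag implements the optional world-writable-directory check.

```python
import os
import shutil
import stat
from typing import Callable, List, Mapping, Optional

GS_CANDIDATES = ("gs", "gswin64c", "gswin32c")
GS_ENV_OVERRIDE = "TOYPLOT_GS"  # assumed name for the documented user override


def resolve_gs(env: Mapping[str, str] = os.environ,
               which: Callable[[str], Optional[str]] = shutil.which,
               hardened: bool = False) -> str:
    """Return an absolute, symlink-resolved path to Ghostscript.

    An explicit absolute override wins; otherwise the first PATH candidate
    found is used. In hardened mode a binary whose directory is world-writable
    is skipped, since any local user could replace it."""
    candidates: List[str] = []
    override = env.get(GS_ENV_OVERRIDE)
    if override and os.path.isabs(override):
        candidates.append(override)
    for name in GS_CANDIDATES:
        found = which(name)
        if found:
            candidates.append(found)
    for path in candidates:
        real = os.path.realpath(path)  # follow symlinks to the real binary
        if hardened and os.stat(os.path.dirname(real)).st_mode & stat.S_IWOTH:
            continue
        return real
    raise EnvironmentError("Ghostscript executable not found.")


def build_gs_command(gs_path: str, pdf_path: str, png_path: str,
                     dpi: int = 96) -> List[str]:
    """Single command builder for render() and render_frames(), so the
    sandbox flags cannot be omitted in one call site but not the other."""
    if not os.path.isabs(gs_path):
        raise ValueError("Ghostscript path must be absolute: %r" % gs_path)
    return [
        gs_path,
        "-dSAFER",                      # restrict file access (sandbox)
        "-dBATCH", "-dNOPAUSE", "-dQUIET",
        "-sDEVICE=png16m",
        "-r%d" % dpi,
        "-sOutputFile=%s" % png_path,   # may be a frame pattern for render_frames
        pdf_path,
    ]
```

Both call sites then do `subprocess.check_call(build_gs_command(resolve_gs(), pdf, png))` with no per-site flag lists.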
Optional Hardening
- Reject world-writable directories in the resolved path when in a hardened mode.
- Allow user override via environment variable (documented) with caution.
Verification Steps
- Before patch: rename a malicious script to `gs` earlier in PATH; observe execution path.
- After patch: tool uses absolute trusted path.
- Confirm both rendering functions include sandbox flags.
References
- Ghostscript security advisories (CVE history)
- Principle of least privilege & PATH hijacking (MITRE CWE-426)
Tracking
Labels: security, ghostscript, sandbox, medium-priority.