Apply DOPS to "bare" PS operator in PDF's

PDF 1.2 defined a PS operator that could be used in streams to execute
PostScript. This went away with PDF 1.3 2nd edition spec., but Ghostscript
retained the functionality. In commit e7086fc6 we disabled the execution
of Subtype /PS streams (requiring -dDOPS to enable them), but the "PS"
operator, that sends PostScript strings to the underlying Postscript
interpreter remained unaffected, leading to Bug 700176 exploit.

This patch also disables the "PS" operator unless -dDOPS is specified.
Using -dDOPS is *NOT* recommended, although the fixes for Bug700176
should prevent that particular exploit.

0 files changed, 0 insertions, 0 deletions