[3] application/postscript は、 PostScript プログラムを表す MIME型です >>2。
application/postscript
[4] application/postscript が規定された時点で PostScript には水準1と水準2がありますが >>2、どちらにも使えます。
[7] PostScript DSC (document structuring conventions) は必須ではありませんが、 相互運用性のため強く推奨されています >>2。
[5] PostScript は Adobe Systems, Inc. の登録商標であり、 application/postscript MIME型を使うことは、 本商標とそれにより課されるすべての権利を認識 (recognition) することを暗示しています >>2。
[18] .ai ファイルに使われることがあります。 CKAN資源
.ai
[19] この用法の妥当性は疑問です。
[20] 現在の .ai ファイル形式は PDF に独自データを加えたものです。 .ai ということは広い意味で PDF も一応 PostScript ということで .ai を application/postscript だと言い張ることも不可能ではないのかもしれませんが...
[8] 一般目的の PostScript 解釈器にデータを引き渡すと、セキュリティー上の問題を引き起こすことがあります。 MIME の実装は次のような点に注意する必要があります。 >>2[9] deletefile などファイル操作の演算があります。 送信者は避けるべきですし、受信者は危険な操作を無効にするか、 特権を持たせないよう注意するべきです。[10] 通常の解釈器などを終了させる演算があり、「外側」の環境への変更が残ったまま次の文書が処理されることになるかもしれません。 従ってサービス拒否攻撃となる危険性があります。 送信者はそうした操作に依存するべきではありませんし、 受信者は startjob や exitserver の操作を除去したり無効化したりして変更が環境に残らないようにするべきです。[11] setsystemparams などシステムや装置の引数を変更する演算があります。 送信者はそうしたものが正しく動作することに依存するべきではありませんし、 受信者は変更を無効化するべきです。[12] 実装によっては非標準ながら機械コードの直接実行機能があります。 送信者は使うべきではありませんし、受信者は実行するべきではありません。[13] 送信者は非標準の拡張を使うべきではありませんし、 受信者は危険がないようにするべきです。[14] システムの資源を大量に消費したり、無限ループに陥ったりするかもしれません。 送信者はそのようなものを避けるべきですし、 受信者は十分な時間が経過した処理を中断する仕組みを提供するべきです。 またシステムの資源の消費量を制限するべきです。[15] 生のバイナリーデータを含めることができますが、インターネットメールでは推奨されていません。[16] 解釈器の不具合により受信者のシステムを操作できるかもしれません。
deletefile
startjob
exitserver
setsystemparams
A media type of "application/postscript" indicates a PostScript program. Currently two variants of the PostScript language are allowed; the original level 1 variant is described in [POSTSCRIPT] and the more recent level 2 variant is described in [POSTSCRIPT2].
媒体型 "application/postscript" は PostScript プログラムを示します。現在 PostScript 言語は2種類が認められます。 元の水準1は [POSTSCRIPT] で説明されています。 比較的新しい水準2は [POSTSCRIPT2] で説明されています。
PostScript is a registered trademark of Adobe Systems, Inc. Use of the MIME media type "application/postscript" implies recognition of that trademark and all the rights it entails.
PostScript は Adobe Systems, Inc. の登録商標です。 MIME 媒体型 "application/postscript" の使用は、この商標とそれに伴う全ての権利を認識することを必要とします。
The PostScript language definition provides facilities for internal labelling of the specific language features a given program uses. This labelling, called the PostScript document structuring conventions, or DSC, is very general and provides substantially more information than just the language level. The use of document structuring conventions, while not required, is strongly recommended as an aid to interoperability. Documents which lack proper structuring conventions cannot be tested to see whether or not they will work in a given environment. As such, some systems may assume the worst and refuse to process unstructured documents.
PostScript 言語定義は当該プログラムが使う特定言語機能の内部札付け機能を用意しています。この札付けは PostScript 文書構造協定 日本語定訳ありますか?, DSC と呼ばれますが、これは非常に一般的で本質的に単なる言語層以上の情報を提供するものです。 文書構造協定の使用は、必須ではありませんが、相互通信性の向上のために強く推奨します。 適切な構造協定のない文書は当該環境で機能するかどうかを試験することが出来ません。 ですから、構造協定のない文書を最悪とみなして処理するのを拒む処理系があります。
The execution of general-purpose PostScript interpreters entails serious security risks, and implementors are discouraged from simply sending PostScript bodies to "off-the-shelf" interpreters. While it is usually safe to send PostScript to a printer, where the potential for harm is greatly constrained by typical printer environments, implementors should consider all of the following before they add interactive display of PostScript bodies to their MIME readers.
一般目的の PostScript 解釈器の実行は重大な安全上の危険を伴うので、実装者には PostScript 本体を単純に 「off-the-shelf」なんて訳せばいいでしょ?解釈器に送ってしまわないことを推奨します。通常、 PostScript を印刷機に送ることは、害する可能性を典型的な印刷機環境は強く抑制してしまうので安全ですが、実装者は PostScript 本体を MIME 読者に対話型表示する前に次の全てを考慮するのが良いです。
The remainder of this section outlines some, though probably not all, of the possible problems with the transport of PostScript entities.
この節の残りの部分では、 PostScript 実体の転送に伴い起こり得る問題の, おそらく全てではありませんが幾つかを概説します。
(1) Dangerous operations in the PostScript language include, but may not be limited to, the PostScript operators "deletefile", "renamefile", "filenameforall", and "file". "File" is only dangerous when applied to something other than standard input or output. Implementations may also define additional nonstandard file operators; these may also pose a threat to security. "Filenameforall", the wildcard file search operator, may appear at first glance to be harmless.
Note, however, that this operator has the potential to reveal information about what files the recipient has access to, and this information may itself be sensitive. Message senders should avoid the use of potentially dangerous file operators, since these operators are quite likely to be unavailable in secure PostScript implementations. Message receiving and displaying software should either completely disable all potentially dangerous file operators or take special care not to delegate any special authority to their operation. These operators should be viewed as being done by an outside agency when interpreting PostScript documents. Such disabling and/or checking should be done completely outside of the reach of the PostScript language itself; care should be taken to insure that no method exists for re-enabling full- function versions of these operators.
(2) The PostScript language provides facilities for exiting the normal interpreter, or server, loop. Changes made in this "outer" environment are customarily retained across documents, and may in some cases be retained semipermanently in nonvolatile memory. The operators associated with exiting the interpreter loop have the potential to interfere with subsequent document processing. As such, their unrestrained use constitutes a threat of service denial. PostScript operators that exit the interpreter loop include, but may not be limited to, the exitserver and startjob operators. Message sending software should not generate PostScript that depends on exiting the interpreter loop to operate, since the ability to exit will probably be unavailable in secure PostScript implementations. Message receiving and displaying software should completely disable the ability to make retained changes to the PostScript environment by eliminating or disabling the "startjob" and "exitserver" operations. If these operations cannot be eliminated or completely disabled the password associated with them should at least be set to a hard- to-guess value.
(3) PostScript provides operators for setting system-wide and device-specific parameters. These parameter settings may be retained across jobs and may potentially pose a threat to the correct operation of the interpreter. The PostScript operators that set system and device parameters include, but may not be limited to, the "setsystemparams" and "setdevparams" operators. Message sending software should not generate PostScript that depends on the setting of system or device parameters to operate correctly. The ability to set these parameters will probably be unavailable in secure PostScript implementations. Message receiving and displaying software should disable the ability to change system and device parameters. If these operators cannot be completely disabled the password associated with them should at least be set to a hard-to-guess value.
(4) Some PostScript implementations provide nonstandard facilities for the direct loading and execution of machine code. Such facilities are quite obviously open to substantial abuse. Message sending software should not make use of such features. Besides being totally hardware-specific, they are also likely to be unavailable in secure implementations of PostScript. Message receiving and displaying software should not allow such operators to be used if they exist.
(5) PostScript is an extensible language, and many, if not most, implementations of it provide a number of their own extensions. This document does not deal with such extensions explicitly since they constitute an unknown factor. Message sending software should not make use of nonstandard extensions; they are likely to be missing from some implementations. Message receiving and displaying software should make sure that any nonstandard PostScript operators are secure and don't present any kind of threat.
(6) It is possible to write PostScript that consumes huge amounts of various system resources. It is also possible to write PostScript programs that loop indefinitely. Both types of programs have the potential to cause damage if sent to unsuspecting recipients. Message-sending software should avoid the construction and dissemination of such programs, which is antisocial. Message receiving and displaying software should provide appropriate mechanisms to abort processing after a reasonable amount of time has elapsed. In addition, PostScript interpreters should be limited to the consumption of only a reasonable amount of any given system resource.
(7) It is possible to include raw binary information inside PostScript in various forms. This is not recommended for use in Internet mail, both because it is not supported by all PostScript interpreters and because it significantly complicates the use of a MIME Content- Transfer-Encoding. (Without such binary, PostScript may typically be viewed as line-oriented data. The treatment of CRLF sequences becomes extremely problematic if binary and line-oriented data are mixed in a single Postscript data stream.)
(8) Finally, bugs may exist in some PostScript interpreters which could possibly be exploited to gain unauthorized access to a recipient's system. Apart from noting this possibility, there is no specific action to take to prevent this, apart from the timely correction of such bugs if any are found.
[17] PDF 用には application/pdf があります。
application/pdf