{"id":21832770,"url":"https://github.com/papercutsoftware/ghosttrap","last_synced_at":"2025-08-20T20:33:09.426Z","repository":{"id":6360764,"uuid":"7597861","full_name":"PaperCutSoftware/GhostTrap","owner":"PaperCutSoftware","description":"Ghost Trap is a hardend distribution of the GPL Ghostscript PDL interpreter secured and sandboxed using Google Chrome sandbox technology. It's used to securely convert PostScript and PDF files from untrusted sources into images.","archived":false,"fork":false,"pushed_at":"2024-09-11T05:18:28.000Z","size":711,"stargazers_count":50,"open_issues_count":6,"forks_count":7,"subscribers_count":48,"default_branch":"main","last_synced_at":"2024-12-11T00:30:51.292Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PaperCutSoftware.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.rtf","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-01-14T03:30:09.000Z","updated_at":"2024-11-28T17:34:11.000Z","dependencies_parsed_at":"2024-08-08T04:58:11.784Z","dependency_job_id":"b954989b-0bdb-43f4-87d1-267b426015c3","html_url":"https://github.com/PaperCutSoftware/GhostTrap","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PaperCutSoftware%2FGhostTrap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PaperCutSoftware%2FGhostTrap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PaperCutSoftware%2FGhostTrap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PaperCutSoftware%2FGhostTrap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PaperCutSoftware","download_url":"https://codeload.github.com/PaperCutSoftware/GhostTrap/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230454430,"owners_count":18228392,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-27T19:25:36.947Z","updated_at":"2025-08-20T20:33:09.311Z","avatar_url":"https://github.com/PaperCutSoftware.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ghost Trap - Ghostscript trapped in a sandbox\n\n*Ghost Trap* is used to securely convert PostScript and PDF files from untrusted sources into images.\nIt's a modified distribution of the [GPL Ghostscript PDL interpreter](http://www.ghostscript.com/) secured and \nsandboxed using [Google Chrome sandbox technology](http://dev.chromium.org/developers/design-documents/sandbox).  The \nobjective of the project is to bring best-of-breed security to Ghostscript's command-line conversion applications\non MS Windows.\n\nFor the less technical audience  *Ghost Trap* was designed with the help of \n[Peter Venkman, Egon Spengler, and Raymond Stantz](http://en.wikipedia.org/wiki/Ghostbusters). \nIt can be simply explained as portable [Ecto Containment Unit](http://www.gbfans.com/equipment/ghost-trap/) which\nsecurely holds Ghostscripts in a laser containment field :-)\n\n[![Ghost Trap from Ghostbusters](https://raw.githubusercontent.com/PaperCutSoftware/GhostTrap/master/images/ghostbusters-ghost-trap-sized.jpg)](https://www.gbfans.com/equipment/ghost-trap/)\n\n\n## Download\n\n*Windows:* [ghost-trap-installer.exe](https://cdn1.papercut.com/files/open-source/ghost-trap/ghost-trap-installer-1.6.10.04.exe)  (version 1.6.10.04)\n\n\n## Motivation\n\nPage Description Language (PDL) interpreters are large complex native code solutions. Adobe Reader is also a PDL viewer and as evident\nby the number of security updates seen over the years, maintaining a secure solution in this space is a\ndifficult and ongoing exercise.  \n\nSecurity is one of the most important goals at [PaperCut Software](http://www.papercut.com/).  Many\nPaperCut users are large organizations printing sensitive data and have high security requirements.\nIn 2012 we started on a project to bring one of our most requested features, the ability to view and \narchive print jobs, into our print management software. To support viewing of PostScript jobs we \nneeded to reply on a PostScript interpreter.\n\nRather than risk PaperCut users being susceptible to zero-day attacks we decided to take a more \nproactive approach by adopting modern process-level sandboxing.  This best-practice \"extra barrier\"\nhas been made possible by mating two fantastic open source projects: Ghostscript and Google Chromium. \n*Ghost Trap* brings Chromium's best of breed sandboxing security to Ghostscript.  Although sandboxing \nis not [100% infallible](http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html) the increased security \nadds a very substantial barrier, and provides our users with a best-practice secure option for PostScript to image \nconversion.\n\n\n## Command-Line Usage\n\nInstall *Ghost Trap* (download link above).  Here are some examples using the example PostScript files\nsupplied with Ghostscript.\n\nTo convert the Escher PostScript example into a PNG image *WITHOUT* sandboxing (this is just standard Ghostscript):\n\n    C:\\Users\\me\u003e \"C:\\Program Files (x86)\\GhostTrap\\bin\\gsc.exe\" -q -dSAFER -dNOPAUSE -dBATCH ^\n                 -sDEVICE=png16m -sOutputFile=escher.png ^\n                 \"C:\\Program Files (x86)\\GhostTrap\\examples\\escher.ps\"\n\n\nTo convert the same Escher example into a PNG image *WITH* sandboxing using *Ghost Trap*:\n\n    C:\\Users\\me\u003e \"C:\\Program Files (x86)\\GhostTrap\\bin\\gsc-trapped.exe\" -q -dNOPAUSE -dBATCH ^\n                 -sDEVICE=png16m -sOutputFile=escher.png ^\n                 \"C:\\Program Files (x86)\\GhostTrap\\examples\\escher.ps\"\n\nTo convert a multi-page PDF file into a JPEG images *WITH* sandboxing:\n\n    C:\\Users\\me\u003e \"C:\\Program Files (x86)\\GhostTrap\\bin\\gsc-trapped.exe\" -q -dNOPAUSE -dBATCH ^\n                 -sDEVICE=jpeg \"-sOutputFile=annots page %d.jpg\" ^\n                 \"C:\\Program Files (x86)\\GhostTrap\\examples\\annots.pdf\"\n\n`gsc-trapped.exe` is the sandboxed version of `gsc.exe`.  It should behave the same\nas the standard Ghostscript console command as [documented](https://ghostscript.readthedocs.io/en/gs10.04.0/Use.html),\nwith the following known exceptions:\n\n *  The input and output files must be on a local disk (no network shares).\n *  The `-dSAFER` mode is always enabled by default.\n *  Defining custom/extra FONT or LIB paths on the command line is not allowed.\n\n\n## How it works\n\n`gsc-trapped.exe` first determines a whitelist of resources required to perform the conversion.  It then \nexecs a child process within a strongly contained sandbox to perform the task. The whitelist of allowed resources \nis dynamically constructed by determining the input file and output file/directory from the supplied \ncommand-line arguments. The Ghostscript interpreter's access rights is restricted and it may only access:\n\n *  Read only access to the Windows Fonts directory.\n *  Read only access to application-level registry keys (HKLM\\Software\\GPL Ghostscript).\n *  Read only access to Ghostscript's lib folder resources.\n *  Read only access to the input file.\n *  Write access to the user-level Temp directory.\n *  Write access to the output directory (OutputFile).\n\nThe sandbox also constrains the execution process on an isolated desktop session to prevent \n[shatter attacks](http://en.wikipedia.org/wiki/Shatter_attack) and limits IPC and other potential\nescape vectors.\n\n\n## Release History\n\n### [1.6.10.04.0] - 2025-04-10\n * Updated to GhostScript 10.04.0 (2024-09-18).\n * Installer now silently installs the same Visual Studio C++ runtime (Build 14.29.30153, x64) as GhostScript installers would, no longer breaking `/VERYSILENT` installation flags.\n\n### [1.5.10.03.1] - 2024-08-09\n * Installer compatible with ARM64 Windows.\n\n### [1.4.10.03.1] - 2024-07-17\n * Updated to Ghostscript 10.03.1 (2024-05-02).\n * Updated to the latest Chromium Sandbox (as of [2024-07-16](https://chromium.googlesource.com/chromium/src/+/c067d47d154d8a6cf56ee8ac7e7b9a9a8b6f9a6f)).\n * Installer dependency check for the Visual Studio C++ runtime.\n\n### [1.4.10.02.1] - 2023-11-10\n * Updated to Ghostscript 10.02.1.20231101.\n * Updated to the latest Chromium Sandbox (as of [2023-11-03](https://chromium.googlesource.com/chromium/src/+/b2d264b1585bd0d583a49dd91866e7d0ea02d387)).\n \n### [1.4.10.00] - 2023-01-06 (internal)\n * Updated to Ghostscript 10.00.0.20220921.\n * Updated to the latest Chromium Sandbox (as of [2022-12-15](https://chromium.googlesource.com/chromium/src/+/1a554a4863f66c922398e91691212a54a8f11ea0)).\n * Fixed the sandbox tests to no longer report a missing output file.\n * Fixed the sandbox failure tests to run when requested.\n * Fixed the display of the version help (-h).\n\n### [1.3.9.27] - 2019-06-14\n *  __Breaking change: installer now includes 64-bit binaries only.__\n *  Updated to Ghostscript 9.27.\n *  Updated to the latest Chromium Sandbox (as of [2019-04-14](https://chromium.googlesource.com/chromium/src/+/2d57e5b8afc6d01b344a8d95d3470d46b35845c5)).\n *  The build script now builds 64-bit binaries (only). The architecture is no longer part of the executable names. I.e.\n    `win32` and `win64` are dropped from the names.\n *  For backwards compatibility (path references to binaries), the installer script copies the 64-bit binaries to their\n    old 32-bit named equivalents. E.g. `gswin32c-trapped.exe` is a copy of `gsc-trapped.exe`.\n\n### [1.2.9.10] - 2013-10-11\n *  Updated to Ghostscript 9.10.\n\n### [1.2.9.07] - 2013-03-04\n *  Addressed an issue that would result in Ghost Trap returning the wrong exit code.\n\n### [1.1.9.07] - 2013-03-01\n *  Updated to Ghostscript 9.07.\n *  `-dSAFER` is now an enforced default.\n *  Updated license to Affero GPL.\n *  Minor code cleanup to remove some FIXME's.\n\n### [1.0.9.06] - 2013-01-14 \n *  Initial public release.\n\n\n## Future\n\nThe following future refinements are planned:\n\n *  Sandbox other executables in the GhostPDL project (e.g `pcl6.exe`).\n *  Support custom FONT and LIB paths defined on the command line (read only access).\n *  Look at sandbox options on Linux.\n\n\n## Authors\n\n![PaperCut Software Logo](http://www.papercut.com/images/logo_papercut.png)\n\n*Ghost Trap* is open source software developed by Chris Dance with the support of \n[PaperCut Software](http://www.papercut.com/).\n\n\n### Requirements\n\n *  Visual Studio 2019 or 2017\n *  [Inno Setup 6.3](http://www.jrsoftware.org/isinfo.php)\n\n\n## Building\n\n 1. Check out the [Ghost Trap Source Code](https://github.com/PaperCutSoftware/GhostTrap).\n\n 2. Follow the [Chromium source checkout and build instructions](https://chromium.googlesource.com/chromium/src/+/master/docs/windows_build_instructions.md).\n\n     *  When creating the `chromium` directory for source checkout, create it at `GhostTrap/third-party/chromium`.\n     *  Take note of the `--no-history` flag to `fetch`, which will significantly speed up the checkout.\n     *  Ensure that `gn gen out\\Default` runs successfully.\n     *  The Visual Studio setup steps are not necessary.\n\n 3. Download the [GhostPDL source](https://www.ghostscript.com/download/gpdldnld.html) to\n    `GhostTrap/third-party/ghostpdl`.\n\n 4. Compile 64-bit binaries for Ghostscript, GhostPCL and GhostXPS. At the time of writing, this involved:\n\n     *  Opening `ghostpdl/windows/GhostPDL.sln` in Visual Studio to trigger a project structure upgrade.\n     *  Running `msbuild windows/GhostPDL.sln /p:Configuration=Release /p:Platform=x64` from the Developer Command\n        Prompt.\n\n 5. Run the `GhostTrap/build.bat` build script from the Developer Command Prompt.\n\n    The installer will be output to `GhostTrap/target/ghost-trap-installer-${version}.exe`.\n\n\n## License\n\n*Ghost Trap* is open source software licensed under the Affero GPL:\n\n    Copyright (c) 2012-2025 PaperCut Software Pty Ltd http://www.papercut.com/\n\n    This program is free software: you can redistribute it and/or modify\n    it under the terms of the GNU Affero General Public License as\n    published by the Free Software Foundation, either version 3 of the\n    License, or (at your option) any later version.\n\n    This program is distributed in the hope that it will be useful,\n    but WITHOUT ANY WARRANTY; without even the implied warranty of\n    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\n    GNU Affero General Public License for more details.\n\n    You should have received a copy of the GNU Affero General Public License\n    along with this program.  If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\n[1.6.10.04.0]: TBA\n[1.5.10.03.1]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.4.10.03.1...v1.5.10.03.1\n[1.4.10.03.1]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.4.10.02.1...v1.4.10.03.1\n[1.4.10.02.1]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.4.10.00...v1.4.10.02.1\n[1.4.10.00]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.3.9.27...v1.4.10.00\n[1.3.9.27]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.2.9.10...v1.3.9.27\n[1.2.9.10]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.2.9.07...v1.2.9.10\n[1.2.9.07]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.1.9.07...v1.2.9.07\n[1.1.9.07]: https://github.com/PaperCutSoftware/GhostTrap/compare/v1.0.9.06...v1.1.9.07\n[1.0.9.06]: https://github.com/PaperCutSoftware/GhostTrap/releases/tag/v1.0.9.06\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpapercutsoftware%2Fghosttrap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpapercutsoftware%2Fghosttrap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpapercutsoftware%2Fghosttrap/lists"}