Hi Dmitry,

even their own website

https://wkhtmltopdf.org/status.html

says:

   *Do not use wkhtmltopdf with any untrusted HTML* – be sure to
   sanitize any user-supplied HTML/JS, otherwise it can lead to
   complete takeover of the server it is running on! Please consider
   using a Mandatory Access Control system like AppArmor or SELinux,
   see recommended AppArmor policy <https://wkhtmltopdf.org/apparmor.html>.

Wouldn't it be more than enough of a reason to throw this out of Debian/Ubuntu until they fix this?


regards

Hadmut
