--- groff-1.19.1/src/roff/troff/input.cpp.safer	2004-05-05 18:41:58.000000000 +0200
+++ groff-1.19.1/src/roff/troff/input.cpp	2005-01-12 13:27:33.947740912 +0100
@@ -5444,20 +5444,35 @@ void source()
   if (nm.is_null())
     skip_line();
   else {
+    char cbuf[PATH_MAX], * cwd;
+    char pbuf[PATH_MAX], * path;
+    struct stat st;
+
     while (!tok.newline() && !tok.eof())
       tok.next();
-    errno = 0;
-    FILE *fp = include_search_path.open_file_cautious(nm.contents());
-    if (fp)
-      input_stack::push(new file_iterator(fp, nm.contents()));
-    else
-      error("can't open `%1': %2", nm.contents(), strerror(errno));
+
+    if ((cwd = realpath(".", cbuf)) == NULL)
+      error("realpath on `%1' failed: %2", ".", strerror(errno));
+    else if ((path = realpath(nm.contents(), pbuf)) == NULL)
+      error("realpath on `%1' failed: %2", nm.contents(), strerror(errno));
+    else if (safer_flag && strncmp(cwd, path, strlen(cwd)))
+      error("won't source `%1' outside of `%2' without -U flag", path, cwd);
+    else if (stat(path, &st) < 0)
+      error("can't stat `%1': %2", path, strerror(errno));
+    else if (safer_flag && !S_ISREG(st.st_mode))
+      error("won't source non-file `%1' without -U flag", path);
+    else {
+      errno = 0;
+      FILE *fp = fopen(path, "r");
+      if (fp)
+        input_stack::push(new file_iterator(fp, nm.contents()));
+      else
+        error("can't open `%1': %2", path, strerror(errno));
+    }
     tok.next();
   }
 }
 
-// like .so but use popen()
-
 void pipe_source()
 {
   if (safer_flag) {