[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: forwarded message from Jeff Licquia

On 2002-07-17 00:44:21 -0400, Simon Law wrote:
> 	I can imagine latex.ltx containing a couple extra
> \openin15=.ssh/identity , \openin15=.gnupg/secring.gpg and
> \openout15=.shrc commands[2] as put there by someone who has cracked an

This is not possible on a default TeX installation.

<quote src="http://www.tug.org/web2c/manual/web2c_4.html";>
TeX can write output files, via the \openout primitive; this
opens a security hole vulnerable to Trojan horse attack: an
unwitting user could run a TeX program that overwrites, say,
`~/.rhosts'. (MetaPost has a write primitive with similar
implication). To alleviate this, there is a configuration
variable `openout_any'; by default, this is set to `0', which
disallows writing to any filename beginning with `.' except
`.tex' (for the sake of the LaTeX distribution). If set to `1',
any file can be written. In any case, all \openout filenames are
recorded in the log file, except those opened on the first line
of input, which is processed when the log file has not yet been
opened. (If you as a TeX administrator wish to implement more
stringent rules on \openout, modifying the function openoutnameok
in `web2c/lib/texmfmp.c' is intended to suffice.) 
...
`-shell-escape'
Enable the `\write18{shell-command}' feature. This is also
enabled if the environment variable or config file value
`shell_escape' is set to anything non-null that does not start
with `n' or `0'. It is disabled by default to avoid security
problems. When enabled, the shell-command string (which first
undergoes the usual TeX expansions, just as in `\special') is
passed to the command shell (via the C library function
`system'). The output of shell-command is not diverted anywhere,
so it will not appear in the log file. The system call either
happens at `\output' time or right away, according to the absence
or presence of the `\immediate' prefix, as usual for \write. (If
you as a TeX administrator wish to implement more stringent rules
on what can be executed, you will need to modify `tex.ch'.) 
</quote>

Best regards
        Martin
-- 
               Martin Schröder, MS@ArtCom-GmbH.DE
          ArtCom GmbH, Grazer Straße 8, D-28359 Bremen
          Voice +49 421 20419-44 / Fax +49 421 20419-10


-- 
To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: