Re: Bug#23576: tetex-base: no write-permissions on public font directories
krisrose@sauternes.ens-lyon.fr writes:
> Package: tetex-base
> Version: 0.9-7
>
> When the user first hits an ungenerated font then "permission denied"
> messages are plentiful... :)
The fonts get generated correctly, but it is a security problem to let
everybody write the ls-R file.
>
> I believe that the permissions of the directory /var/spool/texmf should
> be 1777 and of /var/spool/texmf/ls-R should be 0666.
No. ls-R should not be wordwritable. Please look into the Debian
policy.
TeX can find the generated fonts even without them noted in the ls-R
file. But to speed it up they can be in the ls-R file. For this reason
there is a cronjob every day which updates the ls-R files.
>
> Also I propose to make the main configuration file a link:
>
> /usr/lib/texmf/web2c/texmf.cnf -> /etc/texmf.cnf
>
> This *is* meant to be a user-available file (and most changes do not
> require regeneration of formats).
The links exists:
# ls -l /usr/lib/texmf/web2c/texmf.cnf
lrwxrwxrwx 1 root root 20 Jun 15 14:20 /usr/lib/texmf/web2c/texmf.cnf -> /etc/texmf/texmf.cnf
>
> Finally, it would be very nice if the hierarchy was under /usr/share/texmf
> rather than /usr/lib/texmf since the texmf hierarchy was designed to be
> sharable this way ... and it will also make it much easier to make
> "installers" for things such as the TeX Live 3 CD-ROM we're just now issuing.
We have to discuss this. What do others (debian-devel) say to this
point?
>
> Thanks for having an up to date teTeX as a Debian package again :)
Pas de quoi.
Christoph
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: