Re: Bug#316154: texmf.cfg: Close possible security problem

To: debian-tetex-maint@lists.debian.org
Cc: 316154@bugs.debian.org, Joachim Breitner <nomeata@debian.org>
Subject: Re: Bug#316154: texmf.cfg: Close possible security problem
From: Richard Lewis <rtf@jabble.com>
Date: Wed, 29 Jun 2005 12:32:51 +0100
Message-id: <[🔎] 5qhdfhpfdo.fsf@ma8.sees.bangor.ac.uk>
Mail-followup-to: debian-tetex-maint@lists.debian.org
References: <[🔎] E1DnMKa-0004ch-E0@localhost.localdomain>

Joachim Breitner <nomeata@debian.org> writes:

> the shipped /etc/texmf/texmf.cfg has the following lines:
>
> openout_any = p
> openin_any = a
>
> While the first line is so far ok, the second line means, that any LaTeX
> code run on this machine has read-access like the user it runs as, that
> includes /etc/passwd, ~/.ssh/id_rsa, ~/other_sensitive_file.

> Changeing the line to
> openin_any = p
> solves this problem.

that would disallow the situation where you have

dir/
 subsections/
  notation.tex
 documents/
  master1.tex
  master2.tex

in which both master1 and master2 have
\include{../subsections/notation.tex}.

You could use openin_any = r which just disallows opening dotfiles.
But in any case I think this is a social problem rather than a
software problem (you could just as easily send the user a shell
script for them to run and send you the output (which could be
encrypted or a postscript file as in the original example), as cat
will happily access any file you can read, but i dont see people
calling cat insecure!)

Reply to:

References:
- Bug#316154: texmf.cfg: Close possible security problem
  - From: Joachim Breitner <nomeata@debian.org>

Prev by Date: Re: Subversion move
Next by Date: Re: Subversion move
Previous by thread: Bug#316154: [tex-live] Re: Bug#316154: texmf.cfg: Close possible security problem
Next by thread: Bug#316214: /usr/bin/bibtex: bibtex reports an error where it should give a warning
Index(es):
- Date
- Thread