Re: Bug#316154: texmf.cfg: Close possible security problem
Joachim Breitner <nomeata@debian.org> writes:
> the shipped /etc/texmf/texmf.cfg has the following lines:
>
> openout_any = p
> openin_any = a
>
> While the first line is so far ok, the second line means, that any LaTeX
> code run on this machine has read-access like the user it runs as, that
> includes /etc/passwd, ~/.ssh/id_rsa, ~/other_sensitive_file.
> Changeing the line to
> openin_any = p
> solves this problem.
that would disallow the situation where you have
dir/
subsections/
notation.tex
documents/
master1.tex
master2.tex
in which both master1 and master2 have
\include{../subsections/notation.tex}.
You could use openin_any = r which just disallows opening dotfiles.
But in any case I think this is a social problem rather than a
software problem (you could just as easily send the user a shell
script for them to run and send you the output (which could be
encrypted or a postscript file as in the original example), as cat
will happily access any file you can read, but i dont see people
calling cat insecure!)
Reply to: