Hi, Am Samstag, den 13.08.2005, 10:56 +0200 schrieb Hilmar Preusse: > On 29.06.05 Richard Lewis (rtf@jabble.com) wrote: > > Joachim Breitner <nomeata@debian.org> writes: > > > the shipped /etc/texmf/texmf.cfg has the following lines: > > > > > > openout_any = p > > > openin_any = a > > > > > > While the first line is so far ok, the second line means, that > > > any LaTeX code run on this machine has read-access like the user > > > it runs as, that includes /etc/passwd, ~/.ssh/id_rsa, > > > ~/other_sensitive_file. > > > > > Changeing the line to > > > openin_any = p > > > solves this problem. > > > > You could use openin_any = r which just disallows opening dotfiles. > > But in any case I think this is a social problem rather than a > > software problem (you could just as easily send the user a shell > > script for them to run and send you the output (which could be > > encrypted or a postscript file as in the original example), as cat > > will happily access any file you can read, but i dont see people > > calling cat insecure!) > > > Well, calling any unchecked code with Admin permissions is insecure. > Joachim, based on this statement, do you agree that this is not > really a bug, but rather wishlist or can even be closed? Anybody > needing more security than the normal texmf.cnf provides can change > that file himself. I guess this can be closed then. Maybe adding a comment above that config file line would be nice, saying maybe: // These settings are not secure when you process LaTeX files of // possibly doubtful origin. In this case, set openin_any = p Thanks, Joachim -- Joachim "nomeata" Breitner Debian Developer nomeata@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C JID: joachimbreitner@amessage.de | http://people.debian.org/~nomeata
Attachment:
signature.asc
Description: This is a digitally signed message part