[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Braindump: Can we get rid of the font-cache-group question?

Hi,

Ralf Stubner <ralf.stubner@web.de> wrote:

> problems as with a nonexistend TEXMFVAR. In addition, even though this
> would create files in /tmp, there seem to be no problems with 'unsafe
> file' creation. The mktex* utilities create only files that don't yet
> exist. 

But IMHO, there is a race condition: I think it is possible that
libkpathsea (or mktex*) checks and finds that /tmp/texfonts/somepkfile
does not exist; then the attacker quickly creates
/tmp/texfonts/somepkfile as a symlink to some file he wants to ovewrite;
and eventually, mktexpk writes the font data to that symlink, which is
baaad...

> Now I only hope that /tmp exists even on buildds.

I'd be surprised if it didn't.

-- 
Florent
Reply to: