[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Braindump: Can we get rid of the font-cache-group question?

Florent Rougon <f.rougon@free.fr> wrote:

> Hi,
>
> Ralf Stubner <ralf.stubner@web.de> wrote:
>
>> problems as with a nonexistend TEXMFVAR. In addition, even though this
>> would create files in /tmp, there seem to be no problems with 'unsafe
>> file' creation. The mktex* utilities create only files that don't yet
>> exist. 
>
> But IMHO, there is a race condition: I think it is possible that
> libkpathsea (or mktex*) checks and finds that /tmp/texfonts/somepkfile
> does not exist; then the attacker quickly creates
> /tmp/texfonts/somepkfile as a symlink to some file he wants to ovewrite;
> and eventually, mktexpk writes the font data to that symlink, which is
> baaad...

Isn't this a general problem, no matter where the fonts are cached?  

And does it work at all?  He's allowed to create the symlink, but not to
change the file it points to.

Regards, Frank
-- 
Frank Küster
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX)
Reply to: