
Re: Braindump: Can we get rid of the font-cache-group question?



Ralf Stubner <ralf.stubner@web.de> wrote:

> Considering all the many files that are created during normal use,
> using TeX and especially LaTeX in a world writable directory is stupid
> because it offers so many possibilities for attacks.

That is true.

> Or maybe not. In texmf.cnf we have
>
> % Allow TeX \openin, \openout, or \input on filenames starting with `.'
> % (e.g., .rhosts) or outside the current tree (e.g., /etc/passwd)?
> % a (any)        : any file can be opened.
> % r (restricted) : disallow opening "dotfiles".
> % p (paranoid)   : as 'r' and disallow going to parent directories, and
> %                  restrict absolute paths to be under $TEXMFOUTPUT.
> openout_any = p
> openin_any = a
>
> However, metafont does not seem to honour these settings. I still think
> that working in a world writable directory is a bad idea. But a RFE for

What's that? Request For Enhancement?
Does someone work on a Metafont fork?...

> metafont might still make sense. I don't think it makes sense trying to
> catch this in the mktex* scripts.

Somehow, I have the impression that trying to fix all this will be very
difficult (especially if software such as MetaFont has to be fixed)---at
least, I am not competent at all about \openin and such things. So,
unless you are willing to do that yourself, I'd stick to telling users not
to compile their documents in world-writable directories...

(I can analyse shell code snippets, but I'm not a TeX guru)

>> I don't know. BTW, what is it about DOS here? A /bin/sh port for DOS?
>> Because DOS doesn't have cp, chmod...
>
> I was only referring to the comment in the code about DOS having problems
> moving files to deeply nested directories. I have no idea what problem
> this comment is referring to.

Yes, I understood you were referring to that comment, but I am no more
enlightened than you. Anyway, DOS is dead. I was just curious about
these Unix commands running there.

Regards,

-- 
Florent
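
Added illustration (not part of the original thread, and not kpathsea's code): one reading of the three openin_any/openout_any levels from the quoted texmf.cnf comment as a path check, plus a check for the world-writable working directory discussed above. The function names, the choice to test every path component for a leading dot, and the sample paths are assumptions.

```python
import os
import posixpath
import stat


def open_allowed(name, policy, texmfoutput=None):
    """Apply an openin_any/openout_any level ('a', 'r' or 'p') to a filename.

    Assumption: this follows the wording of the texmf.cnf comment only.
    """
    if policy == "a":                      # any file can be opened
        return True
    if policy not in ("r", "p"):
        raise ValueError(f"unknown policy {policy!r}")
    parts = [p for p in name.split("/") if p]
    # 'r': refuse dotfiles. Assumption: every path component is checked,
    # so "sub/.ssh/config" is refused as well as ".rhosts".
    if any(p.startswith(".") and p not in (".", "..") for p in parts):
        return False
    if policy == "r":
        return True
    # 'p': additionally refuse any step up to a parent directory ...
    if ".." in parts:
        return False
    # ... and accept an absolute path only below $TEXMFOUTPUT.
    if name.startswith("/"):
        if not texmfoutput:
            return False
        base = posixpath.normpath(texmfoutput).rstrip("/") + "/"
        return posixpath.normpath(name).startswith(base)
    return True


def is_world_writable(directory="."):
    """True if 'other' users have write permission on the directory."""
    return bool(os.stat(directory).st_mode & stat.S_IWOTH)


if __name__ == "__main__":
    # Constructed sample names; /var/tmp/texout is a made-up $TEXMFOUTPUT.
    for name in (".rhosts", "../notes.aux", "/etc/passwd",
                 "/var/tmp/texout/paper.log", "paper.log"):
        verdicts = {p: open_allowed(name, p, "/var/tmp/texout") for p in "arp"}
        print(f"{name:28} {verdicts}")
    if is_world_writable("."):
        print("warning: current directory is world-writable")
```

The name check is purely lexical and does not resolve symbolic links, so the permissions of the working directory still matter even at level p.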


