Bug#316154: marked as done (texmf.cfg: Close possible security problem)
Your message dated Mon, 28 Dec 2009 16:29:39 +0100
with message-id <20091228152939.GA748@PC23>
and subject line Re: texmf.cfg: Close possible security problem
has caused the Debian Bug report #316154,
regarding texmf.cfg: Close possible security problem
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
316154: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316154
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: texmf.cfg: Close possible security problem
- From: Joachim Breitner <nomeata@debian.org>
- Date: Tue, 28 Jun 2005 22:05:16 +0200
- Message-id: <E1DnMKa-0004ch-E0@localhost.localdomain>
Package: tetex-bin
Version: 2.0.2-30
Severity: normal
Hi,
the shipped /etc/texmf/texmf.cfg has the following lines:
openout_any = p
openin_any = a
While the first line is so far ok, the second line means that any LaTeX
code run on this machine has read-access like the user it runs as, that
includes /etc/passwd, ~/.ssh/id_rsa, ~/other_sensitive_file.
This by itself is no problem, but it is actually quite easy to make a
user compile mal LaTeX code and make him send you the file before he has
a look at it or, using some TeX-magick, make the read text not visible
(white on white, or very small...).
This is also a problem for i.e. web services that include LaTeX
capabilities.
Changing the line to
openin_any = p
solves this problem.
Thanks,
Joachim
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.10.otto
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
--- End Message ---
--- Begin Message ---
- To: Joachim Breitner <nomeata@debian.org>, 316154-done@bugs.debian.org
- Subject: Re: texmf.cfg: Close possible security problem
- From: Hilmar Preusse <hille42@web.de>
- Date: Mon, 28 Dec 2009 16:29:39 +0100
- Message-id: <20091228152939.GA748@PC23>
- In-reply-to: <E1DnMKa-0004ch-E0@localhost.localdomain>
- References: <E1DnMKa-0004ch-E0@localhost.localdomain>
On 28.06.05 Joachim Breitner (nomeata@debian.org) wrote:
> Package: tetex-bin
> Version: 2.0.2-30
> Severity: normal
Hi,
> the shipped /etc/texmf/texmf.cfg has the following lines:
>
> openout_any = p
> openin_any = a
>
> While the first line is so far ok, the second line means that any LaTeX
> code run on this machine has read-access like the user it runs as, that
> includes /etc/passwd, ~/.ssh/id_rsa, ~/other_sensitive_file.
>
> This by itself is no problem, but it is actually quite easy to make a
> user compile mal LaTeX code and make him send you the file before he has
> a look at it or, using some TeX-magick, make the read text not visible
> (white on white, or very small...).
>
> This is also a problem for i.e. web services that include LaTeX
> capabilities.
>
> Changing the line to
> openin_any = p
> solves this problem.
>
As discussed in the bug it should be the duty of the maintainer
running such a web service to harden the system himself. In
tex-common of Debian stable the following comment is in
/etc/texmf/texmf.d/95NonPath.cnf
% Allow TeX \openin, \openout, or \input on filenames starting with `.'
% (e.g., .rhosts) or outside the current tree (e.g., /etc/passwd)?
% a (any)        : any file can be opened.
% r (restricted) : disallow opening "dotfiles".
% p (paranoid)   : as 'r' and disallow going to parent directories, and
%                  restrict absolute paths to be under $TEXMFOUTPUT.
openout_any = p
openin_any = a
Hope this is sufficient to assume the bug to be solved. -> Closing.
H.
--
sigmentation fault
--- End Message ---
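The a/r/p rules quoted from 95NonPath.cnf above, written out as a small decision function so the effect of each setting on the paths named in the report can be compared side by side. This is an added example, not kpathsea's implementation and not code from the bug log. The function name, the sample paths and the TEXMFOUTPUT value /var/tmp/texout are constructed, and treating every path component that starts with a dot (not only the file name) as a "dotfile" is an assumption of this model.

```python
import posixpath

MODES = ("a", "r", "p")


def open_allowed(name, mode, texmfoutput=None):
    """Model of the openin_any/openout_any rules as worded in the quoted comment."""
    if mode not in MODES:
        raise ValueError("mode must be one of a, r, p")
    if mode == "a":                       # any: every file can be opened
        return True
    parts = [p for p in name.split("/") if p]
    # r and p: refuse "dotfiles" (assumption: any component, not only the basename)
    if any(p.startswith(".") and p not in (".", "..") for p in parts):
        return False
    if mode == "r":                       # restricted stops here
        return True
    # p: additionally refuse parent-directory traversal ...
    if ".." in parts:
        return False
    # ... and accept absolute paths only below $TEXMFOUTPUT
    if name.startswith("/"):
        if not texmfoutput:
            return False
        root = posixpath.normpath(texmfoutput).rstrip("/") + "/"
        return posixpath.normpath(name).startswith(root)
    return True


# Constructed sample names, modelled on the files mentioned in the report.
SAMPLES = [
    "chapter1.tex",
    "/etc/passwd",
    "/home/user/.ssh/id_rsa",
    "../other_sensitive_file",
    "/var/tmp/texout/job.aux",
    "/var/tmp/texout-old/job.aux",
]


def policy_table(texmfoutput="/var/tmp/texout"):
    """Return {name: {mode: allowed}} for the sample names."""
    return {n: {m: open_allowed(n, m, texmfoutput) for m in MODES} for n in SAMPLES}


if __name__ == "__main__":
    for name, row in policy_table().items():
        print(f"{name:30}", " ".join(f"{m}={'yes' if ok else 'no'}" for m, ok in row.items()))
```

On a real installation the value in effect can be read with kpsewhich -var-value=openin_any.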