Re: SVN tex-common commit: r4812 - in tex-common/trunk: conf/texmf.d debian debian/po
On Di, 29 Mär 2011, Frank Küster wrote:
> > - disable shell_escape completely, fix for DSA-2198-1, CVE-2011-1400
>
> Is the rationale for this change somewhere documented? Will upstream
> follow the same reasoning?
Reason: arbitrary code execution
Upstream has retracted before the release of TL2009, but we forgot
to follow that in our texmf.cnf in tex-common. It was some time
in TL2009 dev cycle.
For TL2010 this was activated again for a very limited amount
of programs where we verified that no arbitrary writing outside
the local dir etc can be done.
Best wishes
Norbert
------------------------------------------------------------------------
Norbert Preining preining@{jaist.ac.jp, logic.at, debian.org}
JAIST, Japan TeX Live & Debian Developer
DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
------------------------------------------------------------------------
BANFF
Pertaining to, or descriptive of, that kind of facial expression which
is impossible to achieve except when having a passport photograph
taken.
--- Douglas Adams, The Meaning of Liff
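
An added example, not part of the original message or of tex-common: a small checker that reads a texmf.cnf fragment and reports whether `shell_escape` is disabled (`f`), restricted to the programs in `shell_escape_commands` (`p`), or unrestricted (`t`), the states the thread distinguishes. The sample fragment and its program list are constructed, and the parser covers only a simplified subset of the file syntax, assuming the first definition of a name takes precedence.

```python
import re

# Constructed sample in texmf.cnf syntax; not taken from the commit discussed above.
SAMPLE_CNF = r"""
% restricted mode: only the listed programs may be started
shell_escape = p
shell_escape_commands = \
bibtex,kpsewhich,\
repstopdf
shell_escape.tex = f
shell_escape = t
"""

MODES = {"f": "disabled", "p": "restricted", "t": "unrestricted"}

def parse_cnf(text):
    """Return {name: value}. Assumption: the first definition of a name wins."""
    settings, pending = {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("%"):   # blank line or comment
            continue
        if line.endswith("\\"):                # continuation: join with next line
            pending += line[:-1]
            continue
        line, pending = pending + line, ""
        m = re.match(r"([\w.]+)\s*=?\s*(.*)", line)
        if m:
            settings.setdefault(m.group(1), m.group(2).strip())
    return settings

def audit_shell_escape(text):
    """Summarise the shell-escape policy a texmf.cnf fragment would set."""
    s = parse_cnf(text)
    mode = MODES.get(s.get("shell_escape", ""), "unknown")
    commands = []
    if mode == "restricted":                   # the list only matters in 'p' mode
        commands = [c for c in s.get("shell_escape_commands", "").split(",") if c]
    per_program = {k.split(".", 1)[1]: MODES.get(v, "unknown")
                   for k, v in s.items() if k.startswith("shell_escape.")}
    return {"mode": mode, "commands": commands, "per_program": per_program}

if __name__ == "__main__":
    print(audit_shell_escape(SAMPLE_CNF))
```

On an installed system, `kpsewhich -var-value=shell_escape` shows the value that is actually in effect after all configuration files are merged.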