Hi,
I have directly communicated with George Tourlakis <[EMAIL PROTECTED]>
about our experiences with texconfig. It is interesting to note that one
major similarity is we both attempted to add a second texmf tree to hold
all file changes (TEXMFVAR) sometime after the original installation.
On Thu, Jun 15, 2000 at 11:44:16PM +0200, Reinhard Kotucha wrote:
> > "Julian" == Julian Gilbey <[EMAIL PROTECTED]> writes:
>
> > The "find" suggestion is more interesting, perhaps. Maybe the
> > output of the find commands should be piped into something like
> > "grep '^[-A-Za-z
Hi,
here are my conclusions and a few answers to questions and comments
about this subject.
- using find / xargs
xargs fails as soon as filenames contain whitespace (space or newline)
- using find ... -print0 | xargs -0
That works fine with GNU tools, but I cannot assume that these are
i
> > > I am trying to find out if it is possible for the texconfig program
> > > within teTeX 1.0.6 to wipe out a hard disk. Right now it is my
> I've noticed that in texconfig the 'basic-UNIX-commands' like rm and ln are
> not being used with a COMPLETE path like /usr/bin/rm.
> This could be a
On Thu, Jun 15, 2000 at 11:44:16PM +0200, Reinhard Kotucha wrote:
> > "Julian" == Julian Gilbey <[EMAIL PROTECTED]> writes:
>
> > The "find" suggestion is more interesting, perhaps. Maybe the
> > output of the find commands should be piped into something like
> > "grep '^[-A-Za-z
> "Julian" == Julian Gilbey <[EMAIL PROTECTED]> writes:
> The "find" suggestion is more interesting, perhaps. Maybe the
> output of the find commands should be piped into something like
> "grep '^[-A-Za-z0-9./_]*$'" or whatever, and that operated on
> using xargs. Whatever.
On Thu, 15 Jun 2000, Karsten Tinnefeld wrote:
> In general, only three ways can really help, where at my site, version
> 3 is the preferred ones to our system administrators:
>
> + Turn everythink into a taint checking perl script, or, even more secure, a
> c program.
>
> + Use a setuid-manag
Julian Gilbey <[EMAIL PROTECTED]> writes:
> On Thu, Jun 15, 2000 at 10:01:39AM +0200, Hendri Hondorp wrote:
> > I've noticed that in texconfig the 'basic-UNIX-commands' like rm and ln are
> > not being used with a COMPLETE path like /usr/bin/rm.
> > This could be a problem if someone has made an
On 14 Jun 2000 20:22:06 -0400, Ed L Cashin wrote:
> Thomas Esser <[EMAIL PROTECTED]> writes:
>
> > Dear Ryan,
> >
> > > I am trying to find out if it is possible for the texconfig program
> > > within teTeX 1.0.6 to wipe out a hard disk. Right now it is my
> >
> > Yes, I fear that this is true. Y
> > > I am trying to find out if it is possible for the texconfig program
> > > within teTeX 1.0.6 to wipe out a hard disk. Right now it is my
> I notice there are several places where there's a "find" command with
> -exec on the found files. Could it be that maliciously-constructed
> filenames
Karsten Tinnefeld <[EMAIL PROTECTED]> writes:
...
> This however does not help in case $PATH and $IFS are not trusted.
That reminds me that texconfig in a different place adds `pwd` to the
front of the $PATH, meaning that if the pwd is, e.g., /tmp and there
is, e.g., a script named "kpsewhich" t
On Thu, Jun 15, 2000 at 10:01:39AM +0200, Hendri Hondorp wrote:
> I've noticed that in texconfig the 'basic-UNIX-commands' like rm and ln are
> not being used with a COMPLETE path like /usr/bin/rm.
> This could be a problem if someone has made an alias for these commands or
> $PATH is changed.
>
Forwarded message:
> From [EMAIL PROTECTED] Wed Jun 14 15:33:30 2000
> Date: Wed, 14 Jun 2000 15:25:50 +0200 (MET DST)
> From: Thomas Esser <[EMAIL PROTECTED]>
> Message-Id: <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED], [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> S
Thomas Esser <[EMAIL PROTECTED]> writes:
> Dear Ryan,
>
> > I am trying to find out if it is possible for the texconfig program
> > within teTeX 1.0.6 to wipe out a hard disk. Right now it is my
>
> Yes, I fear that this is true. Your mail is the second report of such
> a misbehaviour. George
Thomas Esser <[EMAIL PROTECTED]> writes:
> Dear Ryan,
>
> > I am trying to find out if it is possible for the texconfig program
> > within teTeX 1.0.6 to wipe out a hard disk. Right now it is my
>
> Yes, I fear that this is true. Your mail is the second report of such
> a misbehaviour. George
Dear Ryan,
> I am trying to find out if it is possible for the texconfig program
> within teTeX 1.0.6 to wipe out a hard disk. Right now it is my
Yes, I fear that this is true. Your mail is the second report of such
a misbehaviour. George Tourlakis <[EMAIL PROTECTED]> has reported this
three mo
Hi all,
I am new to this list, but I haven't found an answer in the archives.
I am trying to find out if it is possible for the texconfig program
within teTeX 1.0.6 to wipe out a hard disk. Right now it is my
leading suspect for a system wipe I am recovering from. Here are the
details:
System
Fri, 9 Jun 2000 00:24:42 +0200 (MET DST)
From: Ryan Scott <[EMAIL PROTECTED]>
Resent-From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Can texconfig wipeout a harddisk?
Hi,
I am not sure who this should be going to, but I thought I would start
with
this list. If you know who the appr
te: Fri, 9 Jun 2000 01:43:22 +0200 (MET DST)
From: "C.M. Connelly" <[EMAIL PROTECTED]>
Sender: [EMAIL PROTECTED]
Resent-From: [EMAIL PROTECTED]
To: Ryan Scott <[EMAIL PROTECTED]>
cc: [EMAIL PROTECTED], "C.M. Connelly" <[EMAIL PROTECTED]>
Subject: Re: Can texconfig wi
19 matches
Mail list logo