On Jan 17, Reinhard Kotucha wrote:
> >>>>> "Giuseppe" == Giuseppe Ghibò <[EMAIL PROTECTED]> writes:
>
> > Furthermore in output pipe we could have different level of
> > security, so to have both tex users as well as unix sysadmin
> > happy (the latter mainly because dvips is for instance used in
> > some printer filter which could run with root privileges):
>
> Are there any systems where printer filters has to run with root
> privileges? On my sytem it's run as user "lp" which is, of course,
> more secure.
doesn't matter. think about the following example:
BadGuy:
cd /tmp
echo 'o rm -rf $HOME/.' > config.ps
GoodGuy:
cd /tmp
echo 'Help! \bye' > baz.tex
tex baz
dvips baz
...
a test for non-writable directory for "trusted" config.ps is not an option either.
example 1: BadGuy has bad config.ps in his $HOME and asks GoodGuy to help him,
texing/dvipsing an example in ~BadGuy/.
example 2: first place config.ps trojan in some directory, then chmod -w .
Harald Koenig
--
"I hope to die ___ _____
before I *have* to use Microsoft Word.", 0--,| /OOOOOOO\
Donald E. Knuth, 02-Oct-2001 in Tuebingen. <_/ / /OOOOOOOOOOO\
\ \/OOOOOOOOOOOOOOO\
\ OOOOOOOOOOOOOOOOO|//
Harald Koenig \/\/\/\/\/\/\/\/\/
science+computing ag // / \\ \
[EMAIL PROTECTED] ^^^^^ ^^^^^
