Wed, 17 Jul 2002 17:34:19 +0200
On 2002-07-17 10:23:56 -0500, Jeff Licquia wrote:
> On Wed, 2002-07-17 at 04:35, Martin SchrÃ¶der wrote:
> > On 2002-07-17 00:44:21 -0400, Simon Law wrote:
> > > I can imagine latex.ltx containing a couple extra
> > > \openin15=.ssh/identity , \openin15=.gnupg/secring.gpg and
> > > \openout15=.shrc commands as put there by someone who has cracked an
> > This is not possible on a default TeX installation.
> [quotes about security protections removed]
> So you agree that LaTeX can be the source of a security hole. Having
The default installation of teTeX makes it extremly difficult (if
not impossible) to open any security holes. If you are really
concerned about security in TeX, you could and should enhance the
web2c TeX distribution, not LaTeX.
P.S.: Your fear of security holes in LaTeX borders on either
ludicrious or paranoid (seen from 25 years of TeX history);
it is at best very hypothecial.
P.P.S.: The same potential "security problems" are relevant to
plain.tex, which everyone except Donald Knuth is
forbidden to change. Are you going to stop distributing
Martin Schröder, [log in to unmask]
ArtCom GmbH, Grazer Straße 8, D-28359 Bremen
Voice +49 421 20419-44 / Fax +49 421 20419-10