Mime-Version:
1.0
Date:
Wed, 17 Jul 2002 17:34:19 +0200
Content-Type:
text/plain; charset=iso-8859-1
Organization:
ArtCom GmbH, Grazer Strasse 8, D-28359 Bremen
Content-Transfer-Encoding:
8bit
|
On 2002-07-17 10:23:56 -0500, Jeff Licquia wrote:
> On Wed, 2002-07-17 at 04:35, Martin Schröder wrote:
> > On 2002-07-17 00:44:21 -0400, Simon Law wrote:
> > > I can imagine latex.ltx containing a couple extra
> > > \openin15=.ssh/identity , \openin15=.gnupg/secring.gpg and
> > > \openout15=.shrc commands[2] as put there by someone who has cracked an
> >
> > This is not possible on a default TeX installation.
>
> [quotes about security protections removed]
>
> So you agree that LaTeX can be the source of a security hole. Having
No.
The default installation of teTeX makes it extremly difficult (if
not impossible) to open any security holes. If you are really
concerned about security in TeX, you could and should enhance the
web2c TeX distribution, not LaTeX.
Best regards
Martin
P.S.: Your fear of security holes in LaTeX borders on either
ludicrious or paranoid (seen from 25 years of TeX history);
it is at best very hypothecial.
P.P.S.: The same potential "security problems" are relevant to
plain.tex, which everyone except Donald Knuth is
forbidden to change. Are you going to stop distributing
that?
--
Martin Schröder, [log in to unmask]
ArtCom GmbH, Grazer Straße 8, D-28359 Bremen
Voice +49 421 20419-44 / Fax +49 421 20419-10
|
|
|