Peter: I'm wanting to get responses from security experts, not TeX experts. Ideally, we want a security expert who's also a TeX expert.

But if it's one or the other, this question needs a security expert. In other words, someone who understands:
https://xkcd.com/327 - the famous Bobby Drop Tables story.

Bruno: Yes, my thoughts exactly, but better expressed. Thank you. And they could do much more than just remove a file.

They could, probably, execute an arbitrary command. Something that might escalate the exploit.

best regards


On Sat, Aug 25, 2018 at 9:24 PM, Peter Wilson <[log in to unmask]> wrote:


You might have had more responses if you had posted to https://tex.stackechange.com

Peter W.

On 24/08/18 18:10, Jonathan Fine wrote:
Hi Joseph

Thank you for your email on l3sys-shell. You wrote:

There are two broad questions we have. First, how do people feel about these concepts? We can see that there may be some security concerns, hence not adding directly to the expl3 core. However, as one has to be running with unrestricted shell escape anyway, we are not sure if providing macro wrappers makes these worse:

I'm not a security expert. Are you, Joseph? In any case, I've asked your question on stack exchange, and put a code review comment on github. Here's the URLs
I hope you'll get a useful response from a security expert.

best regards