27 Oct 2010 chalst   » (Master)

Texlive 2010 has restricted shell \write18
...which is, I think a good thing. It was discussed for Texlive 2009, but didn't make it because of worries to do with restricted shell access to binaries which themselves had shell escaping.

I only discovered this feature through a post on the new tex.stackexchange.com website, How should one use \write18 with BibTeX? I asked a follow-up question, What analysis of Texlive's restricted permissions model exists?, and the answers so far don't seem to suggest that much in the way of security modelling, however informal, has been done by the Texlive team. Joseph Wright did, however, post a link to a USENIX paper, Are Text-Only Data Formats Safe? Or, Use This LATEX Class File to Pwn Your Computer, which is something like a survey of attack vectors through Latex, with proof-of-concept implementations in the context of Miktex on Windows. They make the point that, besides class and style files, Bibtex entries, typically shared without close examination, suffice for an exploit.

I'd be grateful, and reassured, to learn of more work that has been done on this.

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!