[Pmwiki-users] LinuxTex Security
Nils Knappmeier
nk
Thu Dec 9 05:31:37 CST 2004
Hi,
the comments in the linuxtex-cookbook-recipe say, that it is not very safe.
To be specific, it is very easy to read any file on the server by just
using something like
{$ 1 $ \input{/etc/passwd} $ 2 $}
I don't know how to remove this vulnerablity completely. (Just
filtering \input) might not be enough, since it might be hidden in other
commands as well.
Nils
---------------------------------------------
home: http://www.knappi.org
icq: 11786572
The great thing about being the only species that makes
a distinction between right and wrong is that we can
make up the rules for ourselves as we go along.
Douglas Adams, Last Chance To See...
More information about the pmwiki-users
mailing list