christoph martin writes: > [EMAIL PROTECTED] writes: >> Package: tetex-base >> Version: 0.9-7 >> >> When the user first hits an ungenerated font then "permission denied" >> messages are plentiful... :)
> The fonts get generated correctly, but it is a security problem to let > everybody write the ls-R file. But how much of a security risk is it? It would mean a normal user could clobber the file if he wanted to, which is a kind of denial of service attack. But are there any other risks? And how do those risks compare with the ability to base a denial of service attack on /var/cache/fonts (or whatever you call it) being world-writable? (mode 1777) In particular, would it be worth the trouble to use setgid (_not_ setuid) executables to allow for updating ls-R files and fonts without having them world-writable? Or would that be gross overkill? (Note that just making the executables setgid is not desirable, some scheme of aquiring and dropping permissions at the correct times has to be implemented for this to work.) [...] > TeX can find the generated fonts even without them noted in the ls-R > file. But to speed it up they can be in the ls-R file. For this reason > there is a cronjob every day which updates the ls-R files. Note that it is possible to create a texmf.cnf which ensures that generated fonts not mentioned in the ls-R file _won't_ be found. Just use !! in the definition of VARTEXFONTS. [...] > The links exists: > # ls -l /usr/lib/texmf/web2c/texmf.cnf > lrwxrwxrwx 1 root root 20 Jun 15 14:20 > /usr/lib/texmf/web2c/texmf.cnf -> /etc/texmf/texmf.cnf Incidentally, /etc/web2c/texmf.cnf might have been more appropriate. -- Olaf Weber -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
