On Wed, Jul 17, 2002 at 11:35:02AM +0200, Martin Schröder wrote: > On 2002-07-17 00:44:21 -0400, Simon Law wrote: > > I can imagine latex.ltx containing a couple extra > > \openin15=.ssh/identity , \openin15=.gnupg/secring.gpg and > > \openout15=.shrc commands[2] as put there by someone who has cracked an > > This is not possible on a default TeX installation.
Hmm, so dot-files are protected, but other files are not. That still leaves potential security holes. I wouldn't want to have my ~/Mail/debian-devel folder overwritten just because I process a document I receive, for example. Also, there is the possibility of *reading* files that it shouldn't, and embedding them in the output somehow. This might cause me to unknowingly publish a document that has my secret keys hidden in it. Richard Braakman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
