From: "Peter Münster" <pmlists@free.fr>
To: mailing list for ConTeXt users <ntg-context@ntg.nl>
Subject: Re: ConTeXt Live not working
Date: Mon, 10 Nov 2008 09:26:14 +0100 [thread overview]
Message-ID: <20081110082614.GA32172@gaston.couberia.bzh> (raw)
In-Reply-To: <68bfdc900811092310l55d42f59pad89394851e47452@mail.gmail.com>
On Mon, Nov 10 2008, Yue Wang wrote:
>
> >
> > As to the live, I think a patched Lua file (loslib.c) can solve this problem:
> > remove the line
> > {"execute", os_execute},
> > in the static const luaL_Reg syslib[].
> >
>
> Moreover, if we do that, ConTeXt will not adapt to the "stripped down" LuaTeX.
> For example, mtxrun.lua contains many functions which depend on
> os.execute, and it even created some synonames as well:
> if not os.exec then os.exec = os.execute end
> if not os.spawn then os.spawn = os.execute end
> So, a simple line removal is not sufficient.
LuaTeX (and TeX/ConTeXt in general) is not compatible with security. The
cache for example must be writable for everyone. In my opinion, the only
options for live.contextgarden.net are:
- just don't care, if there is a problem, restore from backup
- chroot jail
- virtual machine with virtual disk in non-persistent mode (at boot time
the disk is always a fresh installation)
- perhaps some other ideas...
But adding security to LuaTeX seems to me too much work (a lot of
exceptions, heavy security audit, problems with cache, problems with
compatibility, and so on...).
Cheers, Peter
--
http://pmrb.free.fr/contact/
___________________________________________________________________________________
If your question is of interest to others as well, please add an entry to the Wiki!
maillist : ntg-context@ntg.nl / http://www.ntg.nl/mailman/listinfo/ntg-context
webpage : http://www.pragma-ade.nl / http://tex.aanhet.net
archive : https://foundry.supelec.fr/projects/contextrev/
wiki : http://contextgarden.net
___________________________________________________________________________________
next prev parent reply other threads:[~2008-11-10 8:26 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-09 11:35 Pablo Rodríguez
2008-11-09 12:24 ` Yue Wang
2008-11-09 17:15 ` Pablo Rodríguez
2008-11-10 5:08 ` Yue Wang
2008-11-10 5:11 ` Yue Wang
2008-11-10 5:47 ` Aditya Mahajan
2008-11-10 6:57 ` Yue Wang
2008-11-10 7:10 ` Yue Wang
2008-11-10 8:26 ` Peter Münster [this message]
2008-11-10 9:46 ` Yue Wang
2008-11-10 22:09 ` Diego Depaoli
2008-11-10 9:46 ` Hans Hagen
2008-11-10 10:12 ` Yue Wang
2008-11-10 10:38 ` Hans Hagen
2008-11-10 21:32 ` Patrick Gundlach
2008-11-10 9:51 ` Taco Hoekwater
2008-11-10 21:30 ` Patrick Gundlach
2008-11-09 12:32 ` Peter Münster
2008-11-09 17:18 ` Pablo Rodríguez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081110082614.GA32172@gaston.couberia.bzh \
--to=pmlists@free.fr \
--cc=ntg-context@ntg.nl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).