* Two problems with current ruby scripts
@ 2006-10-25 8:19 Norbert Preining
2006-10-25 8:50 ` Hans Hagen
0 siblings, 1 reply; 3+ messages in thread
From: Norbert Preining @ 2006-10-25 8:19 UTC (permalink / raw)
Cc: Mike Bird
Dear all!
THe packages of ConTeXt I am currently preparing are tested by a user
and he send back the following questions/comments. Could you please
comment on this.
For the background: I install all the stubs from
scripts/context/stubs/unix
into /usr/bin, add a texmfstart stub that calls ruby with the right path
to texmfstart.rb.
----- Forwarded message from Mike Bird <mgb@yosemite.net> -----
> From: Mike Bird <mgb@yosemite.net>
> Subject: New texexec very confused
> To: debian-tex-maint@lists.debian.org
> Date: Tue, 24 Oct 2006 20:52:30 -0700
>
> The new ruby texexec is very confused. The problem of output
> defaulting to pdf instead of dvi has already been noted. Here
> are some additional problems:
>
> Command: texexec --output=dvips foo
> Should produce: foo.dvi
> Actually produces: foo.pdf
>
> Command: texexec --dvi foo
> Should produce: foo.dvi
> Actually produces: foo.dvi AND OVERWRITES foo.ps
>
> --Mike Bird
----- End forwarded message -----
----- Forwarded message from Mike Bird <mgb@yosemite.net> -----
> From: Mike Bird <mgb@yosemite.net>
> Subject: Is texmfstart secure?
> To: debian-tex-maint@lists.debian.org
> Date: Tue, 24 Oct 2006 21:08:53 -0700
>
> Package: context 2006.08.08-0.4
>
> If anyone who knows Ruby has time, can you tell if texmfstart is
> secure? I was really surprised to see client-server code. Even
> localhost services can lead to privilege escalation if not careful.
> For example, /usr/share/texmf/scripts/context/ruby/texmfstart.rb
> contains the following. I'm not a Ruby programmer but the comment
> leads me to think there is a potential problem here:
>
> # danger lurking
> buffer = ' ' * 260
> length = filemethod.call(filename,buffer,buffer.size)
> if length>0 then
> return buffer.slice(0..length-1)
>
> It looks like PRAGMA is trying to reinvent kpsewhich, integrate internet
> explorer, launch editors, and do a whole bunch of other stuff I haven't
> figured out. texexec should be a simple wrapper around tex or pdftex
> but it works via texmfstart.rb which is 2541 lines of Ruby - and that's
> a lot of Ruby. It may all be wonderful (I am not a Ruby programmer) but
> it makes me nervous.
>
> Is an older/simpler texexec still available?
>
> --Mike Bird
----- End forwarded message -----
Best wishes
Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining <preining@logic.at> Università di Siena
Debian Developer <preining@debian.org> Debian TeX Group
gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
TABLEY SUPERIOR (n.)
The look directed at you in a theatre bar in the interval by people
who've already got their drinks.
--- Douglas Adams, The Meaning of Liff
--
To UNSUBSCRIBE, email to debian-tex-maint-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Two problems with current ruby scripts
2006-10-25 8:19 Two problems with current ruby scripts Norbert Preining
@ 2006-10-25 8:50 ` Hans Hagen
2006-10-25 13:27 ` Mojca Miklavec
0 siblings, 1 reply; 3+ messages in thread
From: Hans Hagen @ 2006-10-25 8:50 UTC (permalink / raw)
Cc: Mike Bird, debian-tex-maint
Norbert Preining wrote:
> Dear all!
>
> THe packages of ConTeXt I am currently preparing are tested by a user
> and he send back the following questions/comments. Could you please
> comment on this.
>
> For the background: I install all the stubs from
> scripts/context/stubs/unix
> into /usr/bin, add a texmfstart stub that calls ruby with the right path
> to texmfstart.rb.
>
> ----- Forwarded message from Mike Bird <mgb@yosemite.net> -----
>
>> From: Mike Bird <mgb@yosemite.net>
>> Subject: New texexec very confused
>> To: debian-tex-maint@lists.debian.org
>> Date: Tue, 24 Oct 2006 20:52:30 -0700
>>
>> The new ruby texexec is very confused. The problem of output
>> defaulting to pdf instead of dvi has already been noted. Here
>> are some additional problems:
>>
>> Command: texexec --output=dvips foo
>> Should produce: foo.dvi
>> Actually produces: foo.pdf
>>
hm, i need to check that, maybe there is no dvips option
>> Command: texexec --dvi foo
>> Should produce: foo.dvi
>> Actually produces: foo.dvi AND OVERWRITES foo.ps
>>
>> --Mike Bird
>>
that's because the backend is called as well (dvips) ; the latest
version has a --nobackend option
> ----- End forwarded message -----
>
>
> ----- Forwarded message from Mike Bird <mgb@yosemite.net> -----
>
>> From: Mike Bird <mgb@yosemite.net>
>> Subject: Is texmfstart secure?
>> To: debian-tex-maint@lists.debian.org
>> Date: Tue, 24 Oct 2006 21:08:53 -0700
>>
>> Package: context 2006.08.08-0.4
>>
>> If anyone who knows Ruby has time, can you tell if texmfstart is
>> secure? I was really surprised to see client-server code. Even
>> localhost services can lead to privilege escalation if not careful.
>>
hm, if you don't invoke that code it's not used so there can hardly be a
leak then;
the server/client code is a bit experimental and is related to
distributed ruby code; imagine a situation where one has many (frozen)
tex trees on a server that is used for automated tex processing; in that
case, instead of calling kpsewhich each time, a service will keep the
file databases (for multiple trees) in memory etc etc ; as said, the
average user never enters this code, and it's not even loaded when your
system is not explicitly configured to do so
>> For example, /usr/share/texmf/scripts/context/ruby/texmfstart.rb
>> contains the following. I'm not a Ruby programmer but the comment
>> leads me to think there is a potential problem here:
>>
>> # danger lurking
>> buffer = ' ' * 260
>> length = filemethod.call(filename,buffer,buffer.size)
>> if length>0 then
>> return buffer.slice(0..length-1)
>>
this has to do with windows long/short names and this branch is never
entered under unix ; also, buffer is just a string and has nothing to do
with "buffers that produce those buffer overflows"
>> It looks like PRAGMA is trying to reinvent kpsewhich, integrate internet
>>
well, it's mostly a wrapper around kpsewhich; it would be natural to
have kpse as a library but (1) it's not stable [api cq. names changes]
and i don't see a stable kpse lib usable in script languages show up;
(and yes: i rewrote kpse in ruby, and surprise, in some case it even
runs faster than the c version); consider that in context there can be
runs with (say) 400 calls to metapost and then it really pays off to
bypass this ls-r loading
>> explorer, launch editors, and do a whole bunch of other stuff I haven't
>>
this launching is only used when one starts documentation -- we use this
in editors: context sensitive help started by a few keystrokes
another option is to use file associations but that has some disadvantaged
anyhow, i see no security risks here since all happens inside the tex
domain; i don't need tex to crash an internet browser (on any system) -)
>> figured out. texexec should be a simple wrapper around tex or pdftex
>> but it works via texmfstart.rb which is 2541 lines of Ruby - and that's
>> a lot of Ruby. It may all be wonderful (I am not a Ruby programmer) but
>>
well, if kpse* would have evolved ... sure, but it didn't; also, since i
run tex on windows, linux and macosx, i want one launcher for all of
them, not all kind of os dependent scripts
>> it makes me nervous.
>>
well, i would be more worried about tons of cryptic perl code, even if
i've written it myself, after a few years i can no longer figure out
what it does;
>> Is an older/simpler texexec still available?
>>
there is still texexec.pl (will always be around) but i will no longer
develop the perl scripts
Hans
--
-----------------------------------------------------------------
Hans Hagen | PRAGMA ADE
Ridderstraat 27 | 8061 GH Hasselt | The Netherlands
tel: 038 477 53 69 | fax: 038 477 53 74 | www.pragma-ade.com
| www.pragma-pod.nl
-----------------------------------------------------------------
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Two problems with current ruby scripts
2006-10-25 8:50 ` Hans Hagen
@ 2006-10-25 13:27 ` Mojca Miklavec
0 siblings, 0 replies; 3+ messages in thread
From: Mojca Miklavec @ 2006-10-25 13:27 UTC (permalink / raw)
Cc: Mike Bird
On 10/25/06, Hans Hagen wrote:
>
> >> Command: texexec --output=dvips foo
> >> Should produce: foo.dvi
> >> Actually produces: foo.pdf
> >>
> hm, i need to check that, maybe there is no dvips option
> >> Command: texexec --dvi foo
> >> Should produce: foo.dvi
> >> Actually produces: foo.dvi AND OVERWRITES foo.ps
> >>
> >> --Mike Bird
> >>
> that's because the backend is called as well (dvips) ; the latest
> version has a --nobackend option
But shouldn't "--dvi" produce only dvi (no dvips run afterwards) by
default as was already suggested some time ago? I don't know how
exactly "backends" and specials work, but why should the user bother
about backends if he wants dvi output only?
Mojca
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2006-10-25 13:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-10-25 8:19 Two problems with current ruby scripts Norbert Preining
2006-10-25 8:50 ` Hans Hagen
2006-10-25 13:27 ` Mojca Miklavec
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).