[texhax] Pointer to TeX Sandbox Howto needed
grue at diku.dk
Tue Mar 24 10:56:52 CET 2009
> as far as I can see schroot should be perfect for you. It allows to setup a
> chroot and give limited user access to it. Thus, a user can use "schroot
> latex" to compile a latex file.
Thanks for the pointer. schroot definitely looks promissing.
> However, I do not know what is the nature of your user access. There are
> physical available in front of your machine ? Or will they log in by ssh?
I have two security problems.
One is to give access to LaTeX through a web formula to untrusted users. I
do that at http://logiweb.eu/logiweb/tutorial/submit.html. But in that
case I can use chroot.
The other problem is that end users of my "Logiweb" application may not
have root privileges and need a clean jail containing LaTeX when they need
to cache a "Logiweb page" locally (a "Logiweb page" is a mixture of LaTeX
and computer code in the tradition of literate programming, and "Logiweb"
is something like a web2c which uses the Internet as repository). In this
case schroot looks *perfect*.
For the end user problem above I need a small LaTeX installation so that I
can make a fresh jail for each run af LaTeX. If I just put all TeX related
files on a standard Ubuntu install in a chroot jail then the jail ends up
being 72Mb. I will benchmark schroot to see if that is small enough, but
if you happen to know smaller TeX installations, I would be very
interested. Alternatively, one may of course clean and reuse jails, but
such an approach has its own problems.
> ... you might like to use one of the virtual machines
> ... Some, which I used already ordered from simple (to) complex
> schroot aka chroot ...
> VServer ...
> VirtualBox ...
> Xen ...
> There a many many more
> might be a good overview to start with.
> In addition the usage of lvm is imho very helpful...
> Hope that helps a bit
Certainly, thanks a lot for the pointers.
More information about the texhax