[tlbuild] permissions of the devil

Paul Vojta vojta at math.berkeley.edu
Wed Aug 18 01:04:40 CEST 2010


On Tue, Aug 17, 2010 at 10:27:49PM +0200, Reinhard Kotucha wrote:
> On 17 August 2010 Paul Vojta wrote:
> 
>  > Folks:
>  > 
>  > The following files in the texlive repository are world-writable
>  > (perms 666):
>  > 
>  > Master/texmf-dist/fonts/vf/public/eulervm/zeurb5.vf
>  > [...]
> 
> The installer respects the setting of umask.
> 
> Or do you think that the repository is unsafe?  I don't think that
> file permissions matter there at all because all files are in a
> database and can't be accessed directly by people who have an account
> at tug.org:
> 
> $ ls -ld /home/svn/texlive/db/
> drwxrwsr-x 6 karl svn 4096 Aug  1 17:00 /home/svn/texlive/db/
> 
> Only people who have an svn account can change files in the
> repository.

I'm not worried about people changing files in the repository.

Someone who downloads the repository on a public system will find
that s/he has publicly writable files, which are then vulnerable prior to
installation.

Also, there's some risk that someone with umask=077 would find that the
installed files were not publicly accessible, and then did
(umask 000; ./tlinstall.sh) and got some unpleasant surprises.

--Paul Vojta, vojta at math.berkeley.edu
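An added shell example, not part of this thread or of the TeX Live installer, that does the check the discussion above implies: it lists world-writable files in a checked-out tree, clears the bit, and shows how umask changes the permissions of a copied 666 file. The directory and file names are constructed.

```shell
#!/bin/sh
# Added example (not TeX Live code): audit a checkout for world-writable
# files and demonstrate the umask effect during an install-style copy.

# List regular files under $1 whose "other" write bit (002) is set.
find_world_writable() {
    find "$1" -type f -perm -002
}

# Number of such files; a non-zero result is the "perms 666" case.
count_world_writable() {
    find_world_writable "$1" | wc -l | tr -d ' '
}

# Clear the world-writable bit, leaving owner and group bits alone.
fix_world_writable() {
    find "$1" -type f -perm -002 -exec chmod o-w {} +
}

# Permission string of a path, e.g. rw-r--r-- (portable, via ls).
mode_of() {
    ls -ld "$1" | cut -c2-10
}

# Copy $1 to $2 under umask $3 and print the resulting mode: a 666 source
# becomes 644 under umask 022 but stays 666 under umask 000, which is
# the "(umask 000; ./tlinstall.sh)" surprise.
copy_with_umask() {
    ( umask "$3"; cp "$1" "$2" )
    mode_of "$2"
}

# Demo on a constructed tree (no real repository is touched).
demo_dir=$(mktemp -d)
printf 'vf' > "$demo_dir/ok.vf";     chmod 644 "$demo_dir/ok.vf"
printf 'vf' > "$demo_dir/zeurb5.vf"; chmod 666 "$demo_dir/zeurb5.vf"
echo "world-writable before fix: $(count_world_writable "$demo_dir")"
echo "copy under umask 022: $(copy_with_umask "$demo_dir/zeurb5.vf" "$demo_dir/i022.vf" 022)"
echo "copy under umask 000: $(copy_with_umask "$demo_dir/zeurb5.vf" "$demo_dir/i000.vf" 000)"
fix_world_writable "$demo_dir"
echo "world-writable after fix: $(count_world_writable "$demo_dir")"
rm -rf "$demo_dir"
```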
