[luatex] File permissions for luatex PDF output
Khaled Hosny
khaledhosny at eglug.org
Sun Sep 5 16:30:29 CEST 2010
On Sun, Sep 05, 2010 at 03:53:36PM +0200, Ulrik Vieth wrote:
> I just made an interesting observation, which may have potential
> security implications.
>
> Somehow PDF and AUX files from LuaLaTeX have file permissions 666,
> whereas LOG files have file permission 644 (according to umask 022).
>
> In other words, PDF and AUX files generated by LuaLaTeX could become
> world-writable to other users on a multi-user system.
>
> What I find strange is that it happens when I run LuaLaTeX test files
> using OpenType math fonts. It does not happen for ConTeXt test files.
>
> It does not happen for plain LuaTeX with TFM fonts, e.g. "luatex story"
> It does not happen for LuaLaTeX with TFM fonts, e.g. "lualatex sample2e"
>
> It does however, happen, with plain LuaTeX when I load luaotfload,e.g.
>
> luatex
> \relax
> \input luatofload.sty
> \input story
> \bye
>
> Is there anything in luaotfload which instruments the file output
> mechanism for PDF and AUX files, but fails to consider the umask?
I don't have the slightest idea what would be causing that.
Regards,
Khaled
--
Khaled Hosny
Arabic localiser and member of Arabeyes.org team
Free font developer
More information about the luatex
mailing list