[OS X TeX] Command-line fun
Peter Dyballa
Peter_Dyballa at Web.DE
Mon Jan 15 18:42:42 CET 2007
Am 15.01.2007 um 17:15 schrieb Bruno Voisin:
> Le 15 janv. 07 à 17:04, Peter Dyballa a écrit :
>
>> 2755 for directories might be a better choice: then automatically
>> the new contents in such a directory would be owned by the owners
>> of this directory. No "post-fixing" would be necessary.
>> A problem could arise from executable files (Ruby, Perl, and other
>> scripts, for example in ConTeXt or XeTeX): they would lose this
>> attribute.
>
> Hi Peter,
>
> Thanks for the explanations. Wouldn't the above have security
> implications, any file put into these directories (owned by root)
> immediately acquiring root privileges? Or did I misunderstand
> something?
Bruno, you're planning to deliberately make the whole branch owned by
root! Giving it "root privileges." Your doing would be more dangerous
by some magnitudes ...
More seriously: changing bits in the inode of a file or directory
(that's what chmod, chown, or the automatism do) is still some light
years away from actively executing a file via sudo. Proof: when some
mortal user invokes latex, which is owned by root, on some TeX file
(STY, CLS, ..., DTX, XeTeX test file), owned by root, then the output
will /not/ belong to root. The mechanism with setting for example
2775 permissions for a directory is like adding a hook (in Emacs
speak), an automatic side-effect that inherently invokes chown. And
it's secure: no-one else than the owner of the directory is allowed
to put anything inside.
And "root privileges" are not only semantically different from "owned
by root!" Only the latter happens.
--
Greetings
Pete
Sometimes I think the surest sign that intelligent life exists
elsewhere in the universe is that none of it has tried to contact us.
-- Bill Watterson, in his comic strip Calvin and
Hobbes
------------------------- Helpful Info -------------------------
Mac-TeX Website: http://www.esm.psu.edu/mac-tex/
TeX FAQ: http://www.tex.ac.uk/faq
List Archive: http://tug.org/pipermail/macostex-archives/
List Reminders & Etiquette: http://www.esm.psu.edu/mac-tex/list/
More information about the macostex-archives
mailing list