[OS X TeX] tlmgr
cfrees at imapmail.org
cfrees at imapmail.org
Sun Oct 19 00:00:41 CEST 2008
On Sat 18th Oct, 2008 at 22:49, Peter Dyballa seems to have written:
>
> Am 17.10.2008 um 02:01 schrieb Dr. Clea F. Rees:
>
>> The MacTeX wiki currently recommends running:
>> sudo tlmgr update --all
>>
>> Question: is there some reason to prefer this to:
>> sudo -H tlmgr update --all
>
> There is one quite good reason: avoiding danger.
>
> An attacker might leave in ~/bin a script or programme, it could have been
> downloaded by visiting some web page or viewing some graphics file or movie.
> Let's assume it has a name like kpsewhich or updmap. In a simple sudo
> situation ~/bin is in root's search PATH and ~/bin/kpsewhich or ~/bin/updmap
> could be executed with elevated privileges. In a 'sudo -H' situation ~/bin
> becomes root's private bin directory, i.e., /var/root/bin ? which usually
> does not exist at all. No danger. Security.
That's actually a reason *against* the current recommendation, though,
right? That is, it is a reason to prefer
sudo -H
to
sudo
rather than the other way around.
In fact, though, it makes no difference from a security point of view.
The *expanded* value of PATH is inherited so -H doesn't affect it. So
the choice to use -H or not makes no difference so far as security is
concerned.
- cfr
More information about the macostex-archives
mailing list