[tex-live] Tool update outside tlmgr
Nelson H. F. Beebe
beebe at math.utah.edu
Sat Dec 5 16:02:22 CET 2015
Paulo Roberto Massa Cereda <cereda.paulo at gmail.com> writes on
Sat, 5 Dec 2015 08:13:35 -0200:
>> ...
>> ... one should invoke
>>
>> $ sudo arara --update-rules
>>
>> or
>>
>> $ su -c 'arara --update-rules'
>>
>> in order to have the proper access privileges.
>> ...
I would STRONGLY oppose that. Software such as TeX Live should NEVER
need root access to install. Instead, it should be installed and
owned by the user of a single-user machine, or the administrator(s) of
a shared machine, or better, by a special unprivileged account
accessible to the owner/administrator.
Root privileges are extremely dangerous when foreign software is run.
The recent BitLocker-like attack on GNU/Linux systems (wherein files
in all filesystems are encrypted and held for ransom by the attackers)
propagated successfully because a Web utility foolishly demanded root
access to run. Software should always run with minimal privileges:
there is a good reason that modern Web browsers and Java try to
sandbox program execution.
-------------------------------------------------------------------------------
- Nelson H. F. Beebe Tel: +1 801 581 5254 -
- University of Utah FAX: +1 801 581 4148 -
- Department of Mathematics, 110 LCB Internet e-mail: beebe at math.utah.edu -
- 155 S 1400 E RM 233 beebe at acm.org beebe at computer.org -
- Salt Lake City, UT 84112-0090, USA URL: http://www.math.utah.edu/~beebe/ -
-------------------------------------------------------------------------------
More information about the tex-live
mailing list