[tex-live] install-tl-windows.bat unavailable in Microsoft Store

Zdenek Wagner zdenek.wagner at gmail.com
Tue Dec 11 23:14:27 CET 2018


On Tue, 11 Dec 2018 at 19:49, George Georgalis <george at galis.org> wrote:
>
>
>
> On Tue, Dec 11, 2018 at 2:08 AM Zdenek Wagner <zdenek.wagner at gmail.com> wrote:
>>
>> On Tue, 11 Dec 2018 at 1:20, Norbert Preining <preining at logic.at> wrote:
>> >
>> > On Mon, 10 Dec 2018, George Georgalis wrote:
>> > > users have to integrate tex to their platform every time they install a new
>> > > os anyway. I'm suggesting taking ownership of the platform to run the text
>> > > processing environment. It's not like the effort of owning OS maintenance,
>> >
>> > Could you be more specific? This sounds very much like sales person blabla.
>> > I am using all the above and more technologies daily for my job, and
>> > none of them is a solution for the problem at hand.
>> >
>> I am another person who is eager to know greater details. How can
>> tlmgr and lua overcome the problems of the S-mode by running inside a
>> container?
>
>
>
> Well, I'm not particularly interested in contributing to a "community" that rejects my comments about framing a viable solution with pessimism and cynicism. A constructive response identifies specific technical gaps for consideration. I will go another step to explain my vision of viability though.
>
> I do not know how tlmgr works, but my first guess at enabling "lua" to pass a security audit would be to distribute it without os.execute() and similar functions. Sure that would be a formidable effort.
>
> We should ground our perspective with the big picture, the intent of s-mode. I don't do windows, and I don't know exactly, but I have enough experience to make a very good guess. To certify for the store, signed applications probably go through a vetting process that determines if they are "safe" so an application capable of executing arbitrary downloaded binaries (cmd.exe) would fail.
>
> I really didn't mean to use 'docker' but to use a 'minimalist container like framework' (such as..). Is there any kind of chroot jail already available in the store? If so that would be a place to start. Any solution MUST NOT enable an opportunity to corrupt or otherwise exploit any unintended data or resources. Isolating a context, a sandbox, that allows tex-live to operate within these constraints is a principal requirement. If you ignore that, there is no point in discussing further. Then again I could be wrong, maybe the store will allow you to install software to create network sockets, execute arbitrary binaries, and read/write arbitrary user data...
>
> In any event, good luck!
>
> -George
>
Please, do not feel cynicism in my e-mail. Although I am not an expert
at TL infrastructure, I know much about it because not everything was
available in OS/2 and I had to cope with it somehow myself. I have
\write18 disabled on my computers but as default it can only run
listed applications. I am not sure what can be done with os.execute in
Lua and how much it is needed e.g. in ConTeXt.

As far as tlmgr is concerned, many actions can easily be rewritten in
anything else but the key point is update. The size of installed TL
grew from 1.3 GB in 2007 to 7 GB in 2018 (scheme texlive-full with
Linux binaries). Tlmgr can install updated packages so it is possible
to download just a few KB if updates are requested regularly (there
may be several updates within a week). In MS Store the updates are
handled by the store itself. I haven't read the documentation but does
it mean that if a single package is updated, it will be necessary to
upload the whole 7GB TL to MS Store and have it verified by MS
testers? Will MS Store be able to send incremental updates or will it
be necessary to download always 7 GB instead of a few KB of an updated
package?

I have no experience with container technologies, I have never tried
to develop anything for iOS or Android. However, I know that my
programs are intended to be used by users, not admins, so they are not
allowed to write to an arbitrary place on the disk, they are not even
allowed to read all files, they are not allowed to change the system
settings. I have to be prepared for this and the program must not
crash but display an error message. If a user runs my programs with
elevated privileges, then it is not my fault. I got my knowledge
gradually for using and programming for CMS, CP/M, DOS, OS/2, Linux,
Mac OS X, Windows {3.0, 3.11, NT, 2000, 95, 98, XP, 7} and I always
wanted to make my software multiplatform. Now it seems that all I know
is next to useless for the S-mode and in addition to the multiplatform
version I will have to make an S-mode version.

So if I saw the suggestion of using container technology, I expected a
constructive outline what should be done and how. Of course, not the
real code but an RL with examples of code snippets demonstrating how
to convert an infrastructure of command line programs to an S-mode app
will be very useful. Just now it is much easier for me to provide a
web service for those unhappy persons who are not allowed to leave the
S-mode and hope that Javascript will not be crippled in Edge.


Zdeněk Wagner
http://ttsm.icpf.cas.cz/team/wagner.shtml
http://icebearsoft.euweb.cz

>
> --
> George Georgalis, (415) 894-2710, http://www.galis.org/
>
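
As an added illustration of the two mechanisms discussed in this thread (a Lua environment without os.execute() and a shell escape limited to listed applications), not code from the post, tlmgr or LuaTeX: the example assumes Lua 5.2 or later, and the names ALLOWED, shell_escape, make_env and run_untrusted, as well as the command list, are hypothetical.

```lua
-- Added illustration; ALLOWED, shell_escape, make_env and run_untrusted are hypothetical names.
local ALLOWED = { bibtex = true, kpsewhich = true, makeindex = true } -- constructed list

-- Decide whether a command line may start. Nothing is executed here:
-- the function only returns the decision a restricted shell escape would make.
local function shell_escape(cmdline)
  local prog = cmdline:match("^%s*([%w_%-%.]+)")
  if not prog or not ALLOWED[prog] then
    return false, "program not listed"
  end
  -- Reject anything outside a conservative character set (no ; | & ` $ quotes).
  if cmdline:find("[^%w%s%._/%-]") then
    return false, "unsafe character in arguments"
  end
  return true, prog
end

-- Shallow copy so untrusted code cannot modify the host's library tables.
local function copy(t)
  local c = {}
  for k, v in pairs(t) do c[k] = v end
  return c
end

-- Environment for untrusted chunks: no io, require, load, dofile or debug,
-- and an os table reduced to clock functions (no execute, remove, rename, getenv).
local function make_env()
  return {
    assert = assert, error = error, ipairs = ipairs, pairs = pairs,
    pcall = pcall, select = select, tonumber = tonumber,
    tostring = tostring, type = type,
    string = copy(string), table = copy(table), math = copy(math),
    os = { time = os.time, date = os.date, clock = os.clock },
    shell_escape = shell_escape,
  }
end

local function run_untrusted(src)
  -- Mode "t" refuses precompiled bytecode; the fourth argument replaces _G.
  local chunk, err = load(src, "=untrusted", "t", make_env())
  if not chunk then return false, err end
  return pcall(chunk)
end

-- Constructed sample inputs.
print(run_untrusted("return os.execute, io, require"))
print(run_untrusted("os.execute('cmd.exe')"))
print(run_untrusted("return shell_escape('bibtex paper')"))
print(run_untrusted("return shell_escape('bibtex paper; cmd.exe')"))
```

The environment removes capabilities only; it sets no CPU or memory limit, so a chunk can still loop forever or exhaust memory.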


