How to package executables

Karl Berry karl at
Tue Jul 21 23:36:34 CEST 2020

    totally up to the user running spix to be aware that they need to
    manually check the source code downloaded from internet before
    compiling anything?

Right. There are many scripts in TL. We cannot check them. And anyway
many of them need to run "dangerous" things to do their jobs.
Every command is dangerous (rm, cc, ...).

    guarantee that tex/latex (at least for pdftex and xetex) etc. 

Thanks to Luigi, I believe LuaTeX is safer by default than it used to be. -k

More information about the tex-live mailing list.