[tex-k] Kpathsea and SUID/SGID programs

Karl Berry karl at freefriends.org
Mon May 17 23:24:03 CEST 2004


    It is arguable whether this is a feature or a bug.  This gets into the
    area of what security model libkpathsea should be supporting, which is
    something that hasn't been really worked out.

Indeed, although, FWIW, it still seems like a bug to me.  I don't see
any practical reason for kpathsea to arbitrarily deny access to files,
if an executable has been made set[gu]id.  After all, no setid bits are
set when installing by default, so presumably the admins know what they
are doing (as Jan does :).

I know it's a complicated subject.



More information about the tex-k mailing list