[tex-live] Status of restricted \write18 and epstopdf conversion

Manuel Pégourié-Gonnard mpg at elzevir.fr
Tue Oct 20 00:31:31 CEST 2009

Alexander Cherepanov wrote:
>> By the way, this particular example doesn't
>> work with TeX, since it will write .ssh/authorized_keys.tex (I tried).
> And here repstopdf starts to differ from tex.

> BTW it's easy to bypass this restriction under Windows: just add a 
> dot at the end of the file name -- it's ignored by the OS but makes tex think 
> that there is already an extension.
I don't think it is intended to be a restriction anyway.

> Then openout_any=r seems strange. It gives a false sense of security. 
> The problem is not that it doesn't work, but rather that it makes you 
> think that it works while not really protecting.
Perhaps it should be better documented...

>>> 2. repstopdf --nogs " ../file" (and ">../file") bypasses checks but
>>> you have already fixed it:-)
>> That's what I like with the list form of system(): it fixes things you
>> didn't even think about. :-)
> It's a similar but distinct issue -- note --nogs. It was fixed by 
> changing
>   open(OUT,">$OutputFilename")
> to
>   open($OUT, '>', $OutputFilename)
Oh, right, I didn't read your example carefully enough. I made this
change routinely, I had no example of abuse in mind. Thanks for
providing one :-)

>> Right. I'm going to implement real support for openXX_any this evening
>> (must do real-life work now): most of the job is already done.
> Cool.
Well, finally not. Looks like we are not shipping with restricted
\write18 enabled by default (nor easy to enable) after all (I just
discovered a quoting problem in the C part of the code on Unix, which
can be solved only by patching then recompiling everything).

Anyway, thanks a lot for all your help!
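
The `open` change quoted in this message, as an added example that is not part of the original e-mail or of epstopdf's code: it runs the two file names from the thread through both forms of `open` inside a constructed temporary directory. The `name_looks_safe` check is a hypothetical stand-in for a path restriction, and a Unix-like file system is assumed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Cwd qw(getcwd);
use File::Spec;
use File::Temp qw(tempdir);

# Constructed sandbox: output is supposed to stay inside work/.
my $root = tempdir(CLEANUP => 1);
my $work = File::Spec->catdir($root, 'work');
mkdir $work or die "mkdir: $!";
my $orig = getcwd();
chdir $work or die "chdir: $!";
my $outside = File::Spec->catfile($root, 'file');   # where "../file" lands

# Hypothetical check (an assumption, not epstopdf's real test):
# refuse absolute paths and names that begin with "..".
sub name_looks_safe { my ($name) = @_; return $name !~ m{^(?:/|\.\.)} }

# Two-argument form: mode and name share one string, so Perl re-parses
# the name (leading whitespace is stripped, a leading '>' joins the mode).
sub write_two_arg {
    my ($name) = @_;
    open(OUT, ">$name") or return 0;
    print OUT "data\n";
    close(OUT);
    return 1;
}

# Three-argument form: the mode is fixed and the name is taken literally.
sub write_three_arg {
    my ($name) = @_;
    open(my $out, '>', $name) or return 0;
    print {$out} "data\n";
    close($out);
    return 1;
}

for my $name (' ../file', '>../file') {
    my $check = name_looks_safe($name) ? 'passes' : 'is rejected';
    unlink $outside;
    write_two_arg($name);
    my $two = -e $outside ? 'wrote outside work/' : 'nothing written outside';
    unlink $outside;
    write_three_arg($name);
    my $three = -e $outside ? 'wrote outside work/' : 'nothing written outside';
    print "'$name': check $check; 2-arg: $two; 3-arg: $three\n";
}
chdir $orig or die "chdir: $!";   # leave the sandbox so cleanup can remove it
```

With the three-argument form both names are literal paths through a directory that does not exist (` ..` or `>..`), so the open fails instead of reaching the parent directory.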

