[tex-live] README with executable bit on
Reinhard Kotucha
reinhard.kotucha at web.de
Fri Apr 5 23:35:08 CEST 2013
On 2013-04-05 at 21:18:05 +0200, jfbu wrote:
> Hi,
>
> I just updated TL 2012 on a Mac OS, using TeX Live Utility
> I see a small package passing by, "roundbox" and I want to
> read its documentation. Double-Clicking the README icon
> pops up a Terminal window and it appears as is some script
> was trying to run.
>
> So I go
> to see the actual file:
> /usr/local/texlive/2012/texmf-dist/doc/latex/roundbox/README
> and it has the executable bit on, although it is a perfectly
> innocent text file
>
> -rwxr-xr-x 945 Apr 4 00:39 README
>
> retrospectively isn't this a potential security problem?
No, the executable bit is not a security problem. If that would be
the case, then all files on USB sticks with a FAT filesystem are
insecure.
If a file contains computer code, it could be harmful. If a file
called 'README' contains computer code, I would be very careful.
But it's not the case here.
What makes you think that your system is trying to execute a script?
Regards,
Reinhard
--
----------------------------------------------------------------------------
Reinhard Kotucha Phone: +49-511-3373112
Marschnerstr. 25
D-30167 Hannover mailto:reinhard.kotucha at web.de
----------------------------------------------------------------------------
Microsoft isn't the answer. Microsoft is the question, and the answer is NO.
----------------------------------------------------------------------------
More information about the tex-live
mailing list