[tex-live] running tex and lua under restricted shell escape

David Carlisle d.p.carlisle at gmail.com
Sat Feb 13 13:15:00 CET 2016

On 13 February 2016 at 00:04, Karl Berry <karl at freefriends.org> wrote:
>     wouldn't the issues with libraries and file writing be just the same
>     as a top level lualatex call?
> The difference is that programs enabled by shell_escape should be safe
> for someone to download an arbitrary document, e.g. written by someone
> else, and process with tex, and be reasonably assured that nothing
> terrible will happen.
> Whereas at the top level, the user is doing the invoking, so they are
> assuming some risk :).
> shell_escape came into being earlier than luatex.  I admit I hadn't
> really thought about it before.  Without Lua in the picture, the
> defaults for shell_escape stuff are a decent attempt at being secure, as
> far as I know.  I doubt anyone would want Lua(TeX) to be crippled so as
> to make lua(la)tex invocations secure by default, which seems like what
> it would boil down to.
> Thus, anyone invoking lualatex from the cmdline (or through their GUI)
> should know (in theory anyway) that Lua can do all kinds of things and
> results cannot be guaranteed.  I'm not sure if we can do better.

But my understanding is that recent luatex _does_ prevent lua from
using os.execute
and similar commands using the same texmf.cnf settings as write18 so
with details to be determined
it's not so different from running classic tex.


> Hmm.
> Thanks,
> K

More information about the tex-live mailing list