TL 2024: lua's file.is_writable() broken
Dr. Werner Fink
werner at suse.de
Thu Mar 21 10:54:14 CET 2024
Hi,
I have a report that e.g. python-Sphinx testr code breaks at internal
test call
lualatex --halt-on-error --interaction=nonstopmode sphinxtest.tex
... now after adding some debug messages
/abuild/oscbuild/standard/usr/share/texmf/tex/luatex/luaotfload/fontloader-reference.lua
with
for i=1,#cachepaths do
local cachepath = cachepaths[i]
print("XXXX cache path " .. cachepath)
if file.is_writable("/home/abuild/") then
print("YYYY cache path writable")
else
print("YYYY cache path not writable")
end
if file.is_writable(".") then
print("YYYY cache path writable")
else
print("YYYY cache path not writable")
end
[...]
I see at stdout
This is LuaHBTeX, Version 1.18.0 (TeX Live 2024/TeX Live for opensuse.org)
restricted system commands enabled.
(./sphinxcrash.tex
LaTeX2e <2023-11-01> patch level 1
L3 programming layer <2024-02-20>
XXXX cache path /home/abuild/.cache/texmf/fonts
YYYY cache path not writable
YYYY cache path writable
which is somehow a suprise as the user abuild is owner of its home which
means that the call file.is_writable lies on /home/abuild/
abuild at noether:/home/abuild/rpmbuild/BUILD> pwd
/home/abuild/rpmbuild/BUILD
abuild at noether:/home/abuild/rpmbuild/BUILD> whoami
abuild
abuild at noether:/home/abuild/rpmbuild/BUILD> stat /home/abuild/
File: /home/abuild/
Size: 154 Blocks: 0 IO Block: 4096 directory
Device: 8,17 Inode: 1081575903 Links: 6
Access: (0755/drwxr-xr-x) Uid: ( 399/ abuild) Gid: ( 399/ abuild)
Access: 2024-03-21 09:04:27.553841693 +0000
Modify: 2024-03-21 09:36:35.453417724 +0000
Change: 2024-03-21 09:36:35.453417724 +0000
Birth: 2024-03-21 08:08:32.891190086 +0000
The strace show at this call
9776 write(1, "XXXX cache path /home/abuild/.cache/texmf/fonts", 47) = 47
9776 write(1, "\n", 1) = 1
9776 newfstatat(AT_FDCWD, "/home/abuild", {st_mode=S_IFDIR|0755, st_size=154, ...}, 0) = 0
9776 write(1, "YYYY cache path not writable", 28) = 28
9776 write(1, "\n", 1) = 1
9776 newfstatat(AT_FDCWD, ".", {st_mode=S_IFDIR|0755, st_size=135, ...}, 0) = 0
9776 openat(AT_FDCWD, "./m_t_x_t_e_s_t.tmp", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
9776 close(5) = 0
9776 unlink("./m_t_x_t_e_s_t.tmp") = 0
9776 write(1, "YYYY cache path writable", 24) = 24
9776 write(1, "\n", 1) = 1
OK this is secure ... very secure but totally unusable
Werner
--
"Having a smoking section in a restaurant is like having
a peeing section in a swimming pool." -- Edward Burr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 894 bytes
Desc: not available
URL: <https://tug.org/pipermail/tex-live/attachments/20240321/0e571a70/attachment.sig>
More information about the tex-live
mailing list.