From owner-freebsd-bugs Wed Apr 19 14:42:50 1995 Return-Path: bugs-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id OAA00412 for bugs-outgoing; Wed, 19 Apr 1995 14:42:50 -0700 Received: from cabri.obs-besancon.fr (cabri.obs-besancon.fr [193.52.184.3]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id OAA00398 for ; Wed, 19 Apr 1995 14:42:42 -0700 Received: by cabri.obs-besancon.fr (5.57/Ultrix3.0-C) id AA24054; Wed, 19 Apr 95 23:41:46 +0100 Date: Wed, 19 Apr 95 23:41:46 +0100 From: jmz@cabri.obs-besancon.fr (Jean-Marc Zucconi) Message-Id: <9504192241.AA24054@cabri.obs-besancon.fr> To: nate@trout.sri.mt.net Cc: edward@edcom.com, freebsd-bugs@freefall.cdrom.com In-Reply-To: <199504192106.PAA05283@trout.sri.MT.net> (message from Nate Williams on Wed, 19 Apr 1995 15:06:42 -0600) Subject: Re: ports/352: tex package generally messed up X-Mailer: Emacs Sender: bugs-owner@FreeBSD.org Precedence: bulk >>>>> "Nate" == Nate Williams writes: >> > * MakeTeXPK should put generated pk files in a more permanant place >> > (or is that in the dvips package?) >> >> The default is to generate them in /tmp. You can choose an alternate >> location when configuring dvips/xdvi. Otherwise, you have to let >> /usr/local/lib/texmf/fonts/pk writable by everyone. > At my site we made /usr/local/lib/texmf/fonts/pk writeable by everyone > (mode 1777) which is no bigger security hole than what you propose > below and it doesn't require any additional setup by the user which > adding lines to /etc/daily requires. >> The best is to >> add the following code in your /etc/daily: >> if [ -d /tmp/pk ]; then >> echo -n "Moving pkfonts" >> for f in /tmp/pk/*pk; do >> if [ -f $f ]; then >> mv $f /usr/local/lib/texmf/fonts/pk/ >> fi >> done >> fi > The response given for using the above instead of making the lib > directory writable is that is stops people from purposefully putting > bogus fonts into the world directory. However, you can still put bogus > fonts in /tmp now which will end up in the global directory, and it > requires more setup at install time. > If there another valid reason for not doing this I'd like to hear it. It is difficult to find a good reason :-), but I can improve my script to filter really bogus fonts: if pktype $f >/dev/null; then mv $f /usr/local/lib/texmf/fonts/pk/ else rm -f $f fi Of course this does not prevent users to eg. replace cmr9.300pk with cmti12.622pk but the script can still be improved :-) > Nate Jean-Marc. ~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~ Jean-Marc Zucconi | jmz@cabri.obs-besancon.fr Observatoire de Besancon | F 25010 Besancon cedex | PGP Key: finger jmz@cabri.obs-besancon.fr =========================================================================