teximg: Make TeX handle preventing unsafe things; remove insufficient blacklist
authorJoey Hess <joey@gnu.kitenet.net>
Sun, 30 Aug 2009 19:08:13 +0000 (15:08 -0400)
committerJoey Hess <joey@gnu.kitenet.net>
Sun, 30 Aug 2009 19:08:13 +0000 (15:08 -0400)
commit79da3393ee2fe7d5ad4d914a28c9ad5b91833280
treec65e2c36dc811c0800aebe3a383206f6583f9d28
parenta4afb333a56500f3755e1f2de9ce31fcc5165405
teximg: Make TeX handle preventing unsafe things; remove insufficient blacklist

TeX has configuration options that prevent unsafe things like shell
escapes and insecure file reads/writes.  Turn all of them on.

teximg's regex-based blacklist does not suffice.  For instance:

[[!teximg code="""
\catcode`\%=0
%input{/etc/passwd}
"""]]

Remove the blacklist, since the TeX configuration options seal off the
underlying mechanisms more safely, and the blacklist blocks other TeX
commands that can prove useful.
(cherry picked from commit 9f75d3b1f3c43820cff9ce554601f64c60d72b14)

Conflicts:

IkiWiki/Plugin/teximg.pm
debian/changelog
IkiWiki/Plugin/teximg.pm
debian/changelog